Responsible Disclosure Policy

At Raffle.ai, we take the security of our systems and data seriously.

At Raffle.ai, we take the security of our systems and data seriously.
If you’ve discovered a potential security vulnerability in our systems, products, or services, we want to hear from you.

🤝 Our Commitment

  • We will acknowledge receipt of your report within 3 business days if it qualifies for further analysis.
  • We will investigate all legitimate reports and do our best to respond with an assessment and timeline for any necessary fixes.
  • We will not pursue legal action against you for reporting vulnerabilities in good faith and in accordance with this policy.

🧭 Guidelines for Responsible Disclosure

To help us handle your report quickly and effectively, please:

  • Act in good faith and avoid privacy violations, data destruction, or service disruption (including DoS).
  • Avoid accessing or modifying data that is not your own.
  • Provide a clear report with a detailed description of the vulnerability, including:
    • Steps to reproduce
    • Tools used
    • Impact assessment
    • Suggestions for mitigation (if possible)

📊 Vulnerability Classification

We generally classify issues into the following tiers:

Severity and impact are ultimately assessed by our internal security team, but your insights are very helpful in making that determination.

🎁 Rewards & Recognition

We believe in rewarding meaningful contributions. While we do not operate a formal public bug bounty program at this time, we offer discretionary rewards for high-impact, novel, or critical findings. These may include:

  • Swag or other thank-you gifts
  • Public recognition on our website or social channels (with your permission)

🚫 Out of Scope

To help us focus on meaningful issues, please note the following are generally not eligible for rewards:

  • Spam, social engineering, or phishing against our staff or users
  • Denial-of-service attacks
  • Vulnerabilities in third-party services or platforms we do not control
  • Version disclosure, descriptive error messages, or other non-exploitable issues

📫 How to Report

Please send your vulnerability report to: [email protected]. Include as much detail as possible to help us validate and address the issue quickly.


Thank you for helping us keep Raffle.ai and our users secure! 🙏

Contents

Related documents

Get in touch with our talented specialists

Fill out the form, and we’ll contact you to help you get started with Raffle.

First Name

Last Name

Phone Number

Email