Menu

Responsible Disclosure Policy

Last updated: July 17th, 2025

At Reloadly, safeguarding our platform and user data is a top priority. We appreciate the efforts of security researchers and individuals who take the time to identify and report potential vulnerabilities. If you believe you've found a security issue, we ask that you share it with us in a responsible and confidential manner.

How to Report a Security Issue

If you've discovered a potential vulnerability, please send a detailed report to security@reloadly.com. To help us investigate effectively, your message should include:

  • A clear and thorough description of the issue
  • Step-by-step instructions to reproduce the vulnerability
  • Any relevant evidence (e.g., screenshots, logs)
  • Your preferred contact information for follow-up

Requesting additional compliance and security information

Please email your account manager, or support@reloadly.com if you do not have one.

Our Commitment to you

We treat every legitimate report with urgency and care. When you contact us about a security vulnerability, we will:

  • Confirm receipt of your report within 3 business days
  • Provide a preliminary timeline for investigation and remediation
  • Notify you once the issue is resolved

Safe Harbor

Reloadly is committed to creating a safe environment for researchers acting in good faith. If you follow the guidelines outlined in this policy:

  • We will not pursue legal action
  • We will not restrict your access to our services
  • We will work with you to understand the issue and implement a solution

Scope

This policy applies to vulnerabilities discovered in any of the services provided by Reloadly, including vulnerabilities found in any digital asset operated by Reloadly, such as:

  • The Reloadly website and related web applications
  • The Reloadly API
  • End-user interfaces or tools provided by Reloadly
  • Any other official services under Reloadly’s control

Exclusions

To keep our efforts focused and efficient, please avoid the following activities, which are not covered under this policy:

  • Denial of Service (DoS) attacks
  • Social engineering or phishing attacks
  • Physical attacks on Reloadly property or data centers

Bug Bounty

While we deeply value your contributions to security, Reloadly does not currently offer financial rewards for vulnerability reports.

Questions

If anything in this policy is unclear, or you have additional questions, don’t hesitate to contact us at security@reloadly.com.

Thank you for helping us build a safer and more secure Reloadly platform.