Op2ma Security Program - Responsible Disclosure Policy
The Program is open to individuals who are 18 years of age or older (or the age of majority in your jurisdiction of residence, whichever is older). The Program is void wherever prohibited or restricted, and is subject to all federal, state and local laws. You must comply with all applicable laws during your participation in the Program, including but not limited to those regarding the transmission of technical data exported from Australia or the country from which you access our Website. Op2ma shall have the right at any time to change or discontinue any aspect or feature of the Program.
We invite and welcome Reports on any security-related issue or vulnerability that you may find on our Website. However, please do not resort to phishing, spamming and other questionable methods that may harass our users or compromise their data, generate significant volumes of traffic, or cause disruption to our Website.
Ownership and Incentive
Any Report that you submit to us will become our property, and we are under no obligation to act on a Report. However, if we do act on a Report, we may in our sole discretion extend monetary or non-monetary compensation ("Reward") to you as a gesture of our appreciation for helping out Op2ma and the community. You will be responsible for any federal, state and local taxes and any expenses, costs, or fees associated with your participation in the Program and any Reward.
YOU EXPRESSLY ACKNOWLEDGE AND AGREE THAT: (1) YOUR PARTICIPATION IN THE PROGRAM AND USE OF ANY REWARD IS AT YOUR SOLE RISK. OP2MA EXPRESSLY DISCLAIMS ALL WARRANTIES OF ANY KIND, WHETHER EXPRESS OR IMPLIED, INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT. OP2MA SPECIFICALLY DISCLAIMS ANY LIABILITY WITH REGARD TO ANY ACTIONS RESULTING FROM YOUR PARTICIPATION IN THE PROGRAM OR USE OF ANY REWARD.
We ask that you follow principles of responsible disclosure and give the Op2ma security team a reasonable amount of time to respond to and correct the submitted issue before you make it public. We ask you to remain open in communicating with us regarding any public disclosure so that we're in agreement on the report and timelines.
We sincerely appreciate the efforts of security researchers in keeping our community safe.