Policy
No technology is perfect, and People Interactive believes that working with skilled security researchers across the globe is crucial in identifying weaknesses in any technology. If you believe you've found a security issue in our product or service, we encourage you to notify us. We welcome working with you to resolve the issue promptly.
Disclosure Policy
Let us know as soon as possible upon discovery of a potential security issue, and we'll make every effort to quickly resolve the issue.
Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third party.
Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with the explicit permission of the account holder.
Bounty Eligibility
Exclusions
In Scope
Out Of Scope
What to include in your report
A well-written report will allow us to more quickly and accurately triage your submission. So please include:
Rewards
All bounty amounts will be at the discretion of the Shaadi.com Bug Bounty team, which will be evaluated for severity, impact, and quality of the report to determine the bounty level. There could be submissions which we accept the risk and will not fix.
Leaks entire database in one go - High
Bounty of INR 15,000 + Certificate of Appreciation
Leaks contact details one by one through trial and error - Medium
Bounty of INR 10,000 + Certificate of appreciation
Leaks contacts of 'accepted' members without payment - Low
Bounty of INR 5,000 + Certificate of Appreciation
Legal
Shaadi.com reserves the right to modify terms and conditions of this program and your participation in the program constitutes acceptance of all terms. Please visit this webs site regularly as we routinely update our program terms and its eligibility, which will be effective upon posting. We reserve the right to cancel this program at any time without any notice any obligation or any liability to anyone.
Safe Harbor
Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.
Thank you for helping keep People Interactive and our users safe!