Back to Home

Responsible Disclosure Policy

Purpose

At Currai, we prioritize the security and privacy of our platform and users. This Responsible Disclosure Policy encourages security researchers, users, and third parties to report potential security vulnerabilities in a responsible manner so we can address them promptly and protect everyone.

What to Report

If you discover a potential security issue related to Currai, please report:

  • Vulnerabilities in our website, APIs, or services
  • Bugs that could lead to unauthorized access or data exposure
  • Issues affecting user privacy or data protection
  • Any other security flaws that could impact the integrity, availability, or confidentiality of our platform

How to Report

Please report vulnerabilities by contacting us at:

Email: info@currai.app
Subject: Responsible Disclosure – Security Vulnerability

Include as much detail as possible in your report, such as:

  • Description of the vulnerability
  • Steps to reproduce
  • Potential impact
  • Any relevant screenshots or proof-of-concept code

Our Commitment

  • We will acknowledge your report within 3 business days.
  • We will work diligently to investigate and resolve confirmed issues.
  • We will keep you informed about the progress of the resolution.
  • We will not take legal action against you for good-faith vulnerability research conducted according to this policy.

Safe Harbor

As long as you:

  • Avoid accessing, modifying, or deleting data that does not belong to you
  • Do not disrupt service availability or perform denial-of-service attacks
  • Report vulnerabilities directly and privately to us without public disclosure

You will be protected from legal action and we will treat your report with respect and confidentiality.

What We Cannot Accept

  • Reports submitted to third parties before notifying us
  • Exploitation of vulnerabilities for personal gain or malicious intent
  • Attempts to access data or systems without authorization beyond what is needed to demonstrate the issue

Disclosure Policy

Once a vulnerability is fixed, we may publicly acknowledge your contribution with your permission. You may request anonymity if you prefer.

Contact

For any questions about this policy or to report a security vulnerability:

Email: info@currai.app

Last updated: July 2025