Get Started

Vulnerability Disclosure

User Website Usage Agreement

Vulnerability Disclosure Policy

Last Updated: September 5, 2024
Effective Date: September 5, 2024

At Hardshipfinancial, LLC (“Hardshipfinancial,” “we,” “us,” or “our”), ensuring the security and privacy of our systems and the personal data of our customers is a top priority. This Vulnerability Disclosure Policy outlines the process for reporting vulnerabilities in our systems and how we address potential security concerns.

We are committed to working with security researchers and the community to identify and resolve vulnerabilities to protect our systems, users, and data. We encourage responsible disclosure of security issues through the proper channels outlined below.


1. Reporting a Vulnerability

If you believe you have discovered a security vulnerability or a potential risk in our systems, websites, or services, we ask that you notify us as soon as possible by following the steps below.

a. How to Submit a Report

Please send your vulnerability report to security@hardshipfinancial.com with the following information:

  • A detailed description of the vulnerability, including the type of vulnerability and its potential impact.
  • Steps to reproduce the issue, including any proof of concept (e.g., screenshots, code samples, or other supporting materials).
  • Your contact information for any follow-up questions (optional).

b. What Happens After Submission

Upon receiving your report, we will:

  • Acknowledge receipt of your report within five (5) business days.
  • Review the vulnerability and assess its impact on our systems.
  • Investigate the issue and determine the appropriate steps to mitigate the vulnerability.
  • Provide you with updates on our progress as we work to resolve the issue.


2. Scope of the Vulnerability Disclosure Program

We welcome reports of vulnerabilities related to the following areas:

  • Web applications (e.g., sandbox.Hardshipfinancial.com and any associated subdomains).
  • APIs (application programming interfaces) used by Hardshipfinancial.
  • Mobile applications.
  • Third-party software used in connection with Hardshipfinancial’s systems (if applicable).

a. Out of Scope

The following types of reports are not eligible for the vulnerability disclosure program:

  • Issues related to third-party websites or services that are not under our control.
  • General feedback on website performance or user experience.
  • Denial of Service (DoS) attacks or any activity that disrupts the operation of our services.
  • Spam or phishing reports.


3. Safe Harbor for Good Faith Reporting

We are committed to working with security researchers in good faith. If you identify a vulnerability and comply with this policy, we will consider your research to be authorized, and we will not initiate legal action against you.

However, we ask that you:

  • Do not exploit the vulnerability beyond what is necessary to demonstrate its existence.
  • Do not access or modify data that is not your own.
  • Do not perform actions that could harm Hardshipfinancial, its users, or its data.
  • Do not publicly disclose the vulnerability until we have had a reasonable amount of time to address it.

We may offer public recognition for responsible disclosures, but this is determined on a case-by-case basis.


4. Legal and Ethical Considerations

By participating in this program, you agree to comply with all applicable laws and regulations. You must avoid violating the privacy of users, degrading the experience for others, or conducting any activity that could cause harm to our systems or services.

We reserve the right to modify or terminate this program at any time.


5. No Compensation

At this time, we do not offer financial rewards or bounties for vulnerability disclosures. However, we deeply appreciate your efforts to keep our systems secure and may recognize your contributions publicly, with your consent.


6. Contact Us

If you have any questions regarding this Vulnerability Disclosure Policy or would like to submit a vulnerability, please contact us at:

Hardshipfinancial, LLC
30 N Gould St Ste R, Sheridan, WY 82801, USA
Email: info@hardshipfinancial.com
Phone: +1 888-279-2106