Responsible Disclosure Policy

At Raffle.ai, we take the security of our systems and data seriously.

We value the contributions of independent security researchers and are committed to working with the community to ensure our users remain safe. If you’ve discovered a potential security vulnerability in our systems, products, or services, we want to hear from you.

🤝 Our Commitment

  • We will acknowledge receipt of your report within 3 business days.
  • We will investigate all legitimate reports and do our best to respond with an assessment and timeline for any necessary fixes.
  • We will not pursue legal action against you for reporting vulnerabilities in good faith and in accordance with this policy.

🧭 Guidelines for Responsible Disclosure

To help us handle your report quickly and effectively, please:

  • Act in good faith and avoid privacy violations, data destruction, or service disruption (including DoS).
  • Avoid accessing or modifying data that is not your own.
  • Provide a clear report with a detailed description of the vulnerability, including:
    • Steps to reproduce
    • Tools used
    • Impact assessment
    • Suggestions for mitigation (if possible)

📊 Vulnerability Classification

We generally classify issues into the following tiers:

Severity and impact are ultimately assessed by our internal security team, but your insights are very helpful in making that determination.

🎁 Rewards & Recognition

We believe in rewarding meaningful contributions. While we do not operate a formal public bug bounty program at this time, we offer discretionary rewards for high-impact, novel, or critical findings. These may include:

  • Swag or other thank-you gifts
  • Public recognition on our website or social channels (with your permission)

🚫 Out of Scope

To help us focus on meaningful issues, please note the following are generally not eligible for rewards:

  • Spam, social engineering, or phishing against our staff or users
  • Denial-of-service attacks
  • Vulnerabilities in third-party services or platforms we do not control
  • Version disclosure, descriptive error messages, or other non-exploitable issues

📫 How to Report

Please send your vulnerability report to: security@raffle.ai. Include as much detail as possible to help us validate and address the issue quickly.

Thank you for helping us keep Raffle.ai and our users secure! 🙏