Logo
Log In Create Account

Help us keep Signify secure

Responsible Disclosure Program

Last updated: 24 September 2025

We welcome responsible security research. If you discover a potential vulnerability affecting Signify’s services or platform, please report it so we can investigate and fix it.

Our Program

At Signify, safeguarding the security of our systems, services, and user data is central to our mission. We recognize the important role that security researchers and ethical hackers play in strengthening our defenses. If you identify a potential security vulnerability affecting the confidentiality, integrity, or availability of Signify’s services or platform, we encourage you to report it responsibly.

For the protection of our users and partners, we treat all vulnerability reports as confidential. We kindly request that you refrain from publicly disclosing or discussing any findings until they have been fully reviewed and addressed by our team.

Prohibited Activities

While we encourage responsible research, the following activities are strictly prohibited under this program because they may cause harm:

  • Attempting to access data or accounts you are not authorized to view.
  • Modifying, deleting, or exfiltrating data.
  • Launching denial of service (DoS) or distributed denial of service (DDoS) attacks.
  • Uploading, distributing, or linking to malware or other harmful code.
  • Conducting phishing or other forms of social engineering against Signify staff, users, or partners.
  • Exploiting physical security or facilities.
  • Any activities that violate applicable laws or regulations.

Reporting a Security Issue

If you discover a potential vulnerability, please report it responsibly by emailing us at info@signify.in or via our Contact Us form: https://signify.ink/contact-us.

To help us assess and address your report effectively, please include:

  • The affected product, feature, or URL.
  • Steps to reproduce the issue (detailed and repeatable).
  • Date and time the vulnerability was observed (with timezone if possible).
  • Relevant technical details, logs, screenshots, or proof-of-concept code.

You may submit the report anonymously. If you provide contact details, our team may reach out for clarification or additional information.

What Happens Next

Once your report is submitted, our team will review it and, if necessary, initiate an investigation. We aim to acknowledge valid submissions within five business days. If the issue is confirmed, we will take steps to remediate it as quickly as possible. In certain cases, we may also be required to notify regulatory bodies or cooperate with law enforcement agencies.

Privacy

Any personal information you provide to us as part of your report will be handled in accordance with our Privacy Policy. You are not required to identify yourself; anonymous or pseudonymous submissions are welcome.

Recognition

While Signify does not offer financial rewards for vulnerability disclosures, we deeply value the efforts of the security community. With your consent, we may acknowledge your contribution in future communications or documentation.

Last updated: 24 September 2025

Submit a report

Email: info@signify.in

Contact form: Contact Us