Last Updated: February 17, 2026
DollarDecision values the security of its systems and the protection of user information. We welcome responsible reporting of security vulnerabilities that may affect the integrity, availability, or confidentiality of our website.
This policy applies to security vulnerabilities identified within the publicly accessible components of the DollarDecision website, including web application functionality and associated infrastructure.
This policy does not apply to third-party services, external financial institutions, affiliate platforms, analytics providers, advertising networks, or other external systems referenced or linked from our platform.
If you believe you have identified a security vulnerability, please report it responsibly through our Contact Page and include the subject line “Security Vulnerability Report.”
Please provide a detailed description of the issue, steps to reproduce the vulnerability, the affected URL or system component, and any relevant technical information necessary to validate the finding.
We request that researchers act in good faith and avoid actions that could harm users, compromise data, disrupt services, or degrade website performance. Vulnerabilities should not be exploited beyond what is necessary to demonstrate the issue.
Researchers should not access, modify, or delete data belonging to other users, nor engage in social engineering, denial-of-service testing, automated scraping attacks, or physical security testing.
We will review reported vulnerabilities in a timely and reasonable manner. If a valid security issue is confirmed, we will take appropriate corrective action consistent with our internal security practices and applicable legal requirements.
This policy does not authorize or permit actions that violate applicable laws, regulations, or third-party agreements. Unauthorized access, data exfiltration, service disruption, or exploitation of vulnerabilities for personal gain may result in legal consequences.
If you conduct vulnerability research in good faith, adhere to this policy, and report findings responsibly without exploiting them for malicious purposes, we will not pursue legal action solely for identifying and reporting the vulnerability.
This safe harbor applies only to actions consistent with this policy and does not extend to activities that violate applicable laws or intentionally cause harm.
This Responsible Disclosure Policy may be updated periodically to reflect changes in security practices, operational processes, or regulatory expectations. The most current version will always be published on this page.