Vulnerability Disclosure Program

At Crafty, we place paramount importance on the security of our data, systems, and users. The Crafty Vulnerability Disclosure Program (“VDP”) is established to ensure these security measures are in place, thereby safeguarding Crafty's data and that of our clientele.

Should you identify a security vulnerability while utilizing our websites, you are strongly encouraged to report it via email to vdp@craftydelivers.com. Please furnish comprehensive details, including explicit steps to reproduce the issue and an assessment of its potential impact. Your report will be promptly acknowledged and subjected to rigorous verification. Upon confirmation, the identified issue will be escalated to our development teams for resolution, prioritized according to its severity. Any unauthorized extraction or downloading of Crafty data, divulgence of confidential information, or disruption of our customers' experience is considered outside the purview of this program and will not be protected from legal recourse. Demanding remuneration for the deletion of Crafty data shall be construed as a threat and not as participation in this program.