Disclosure Policy

OVERVIEW

Avail Finance is committed to protecting the privacy and security of our system and our customer’s information. of our software tools. Our Responsibility Disclosure Program is intended to minimize the impact any security flaws have on our system or our customer. Avail Finance's Responsibility Disclosure Program covers select product, system, or asset belonging to Avail Finance.

If you believe you have found a potential security vulnerability, we encourage you to let us know as soon as possible. We will investigate the submission and if found valid, take necessary corrective measures. We request you to review our Responsible Disclosure policy as mentioned below along with the reporting guidelines, before you report a security issue.

Thank you in advance for your submission, we appreciate researchers assisting us in our security efforts. Please note, Avail Finance does not operate a public bug bounty program and we make no offer of reward or compensation in exchange for submitting potential issues.

REPORTING SECURITY ISSUES

Send an email to grievance@availfinance.in with information about the vulnerability and detailed steps on how to replicate it.

RESPONSIBLE DISCLOSURE PROGRAM GUIDELINES

Researchers shall disclose potential vulnerabilities in accordance with the following guidelines:

By responsibly submitting your findings to Avail Finance in accordance with these guidelines Avail Finance agrees not to pursue legal action against you. Avail Finance reserves all legal rights in the event of noncompliance with these guidelines.

Once a report is submitted, Avail Finance commits to provide prompt acknowledgement of receipt of all reports (within two business days of submission) and will keep you reasonably informed of the status of any validated vulnerability that you report through this program.

OUT OF SCOPE VULNERABILITIES

Certain vulnerabilities are considered out of scope for our Responsible Disclosure Program. Out-of-scope vulnerabilities include:

SUBMISSION FORMAT

When reporting a potential vulnerability, please include a detailed summary of the vulnerability, including the target, steps, tools, and artifacts used during discovery (screen captures welcome).

CHANGES TO PROGRAM TERMS

The responsible disclosure program, including its policies, is subject to change or cancellation by Avail Finance at any time, without notice. As such, Avail Finance may amend these program terms and/or its policies at any time by posting a revised version on our website. By continuing to participate in the responsible disclosure program after Avail Finance posts any such changes, you implicitly agree to comply with the updated program terms.