Details

LevelUp takes the security of its users and the safety of their information very seriously. If you’ve discovered a vulnerability, help us fix it by disclosing your findings to us first.

Share the details of any suspected vulnerability with the LevelUp Security Team by submitting it here. Please do not publicly disclose these details without our consent. We’ll get back to you ASAP, usually within 24 hours; please follow up or ping us on Twitter (https://twitter.com/thelevelup) if you don’t hear back. ##Rules

Don’t publicly disclose a bug before it’s been fixed.
Don’t attempt to gain access to another user’s data.
Only test for vulnerabilities on systems you know to be owned and hosted by LevelUp. Research into vulnerabilities in third-party apps using our SDKs and in systems hosted by third parties (like http://support.thelevelup.com/ or http://developer.thelevelup.com/) is subject to the owner’s terms, not LevelUp’s. *Never use automated scanning tools or Denial of Service attacks; we may suspend your LevelUp account and ban your IP address if you do so.

##Our Commitment If you’re a security researcher and you identify a verified security vulnerability in compliance with the rules of the Responsible Disclosure Policy, LevelUp will:

Acknowledge the receipt of your report in a timely manner
Notify you when the vulnerability is fixed
Publicly acknowledge your contribution
Not get lawyers involved

##Reporting In reporting any vulnerabilities, let us know: *Vulnerability details and steps to reproduce

Your email address and/or alternative contact info
Your name, website, and/or Twitter handle as they should be displayed on this page, if you’d like public credit
Your shipping address and T-shirt size