Updated: August 16, 2021

SpatialChat Ltd. a company with its principal place of business at 224 Arch. Makariou III Avenue, Achilleos Building, office 51, 3030 Limassol, Cyprus (“SpatialChat”, “we”, “us” and/or “our”) finds it important to maintain the security, privacy, and integrity of our services so that our customers could use them safely and in a secure manner at all times. Therefore, we value the efforts of researchers to improve our security and/or privacy posture. We are dedicated to providing a secure and transparent environment in which vulnerabilities can be reported.

If you believe you have discovered a security or privacy vulnerability that could affect SpatialChat or our users, we would appreciate your assistance in responsibly revealing this information to us. During your investigation, we ask that you follow SpatialChat’s Vulnerability Disclosure Policy as well as making a good faith effort to avoid privacy violations, destruction of data, and service interruption or deterioration.

Our commitment

We respectfully request that you do not share or publicly announce an unresolved vulnerability with third parties. If you responsibly submit a vulnerability report, we will use reasonable efforts to respond in a timely manner, acknowledging receipt of your vulnerability report, and conducting an investigation into the disclosed issue. We may send an automatic reply as acknowledgement and if you provided us with contact information, we may contact you when we need additional information to assist in the investigation. For the sake of our customers’ security, we generally do not disclose, discuss, or confirm security issues.

Scope

Services that SpatialChat provides are in scope.

The following conditions are out of scope for the Vulnerability Disclosure Program. Any of the activities below will result in disqualifications from the program permanently.

Eligibility and Disclosure

Eligibility