At ShiftLink, the security of our systems and the privacy of our users is a top priority. We welcome contributions from security researchers and the community to help us maintain the highest standards of security.
Reporting a Vulnerability
If you believe you have found a security vulnerability in any part of ShiftLink’s services, please let us know right away. We appreciate your help in disclosing the issue responsibly.
Please email your findings to:
security @ shiftlinkapp.com
Include as much detail as possible, such as:
• A description of the vulnerability
• The steps to reproduce it
• Any relevant screenshots, logs, or proof of concept
• Your contact information so we can follow up
What to Expect
• We will acknowledge your report within 3 business days.
• We aim to investigate and address valid issues within 10 business days.
• We may request additional information or clarification.
• We’ll notify you once the issue has been resolved.
Guidelines
To help us resolve issues quickly and safely:
• Do not publicly disclose the vulnerability before we’ve had a chance to fix it.
• Do not access, modify, or delete any data that does not belong to you.
• Do not perform any actions that could cause harm to ShiftLink, its users, or its services.
Safe Harbour
We consider vulnerability research and disclosure conducted in accordance with this policy to be authorized. We will not take legal action against you for following this policy in good faith.