Security at Recce

Responsible Disclosure Guidelines

We ask that all researchers follow these rules to keep users safe and ensure a smooth resolution:

Test Responsibly

Respect privacy & availability

Avoid accessing, modifying, or deleting any user data. Do not attempt denial-of-service attacks or anything that could degrade our services.

Scope

Focus on our assets

Our program applies to all public services hosted under *.datarecce.io and our public APIs. Third-party systems and social engineering are out of scope.

Communicate Privately

Give us time to respond

Please report all findings privately via the embedded form below and allow us a reasonable time to investigate and remediate the issue before any public disclosure.

Safe Harbor

Good faith protection

We won’t pursue legal action against researchers who act in good faith, follow this policy, and avoid harming users or data.

Submit a Report

Use the form below to securely disclose your findings to the Recce team via HackerOne.

If you prefer not to use the form, you can also contact us directly at cybersecurity@datarecce.io.

We value the contributions of security researchers in helping keep our platform safe.

If you’ve discovered a vulnerability, please submit it using the form below. We review every submission with care.