Last Update: March 19, 2026
VULNERABILITY DISCLOSURE POLICY
Introduction
TradableBits Media Inc. (“Tradable Bits”) takes the security of our systems and
the protection of our customers’ data seriously. We welcome responsible, good-faith reports of
potential security vulnerabilities so that we can investigate and remediate issues promptly.
This Vulnerability Disclosure Policy (“Policy”) describes how to report security vulnerabilities to us
and sets expectations for responsible disclosure.
Scope
This Policy applies to publicly accessible digital assets owned, operated, or maintained by
Tradable Bits, including our production web applications and services.
Assets, systems, or environments not owned or controlled by Tradable Bits are outside the scope of this Policy.
Out of Scope
The following are out of scope:
- Systems, applications, or infrastructure not owned or operated by Tradable Bits
- Customer environments or customer data
- Third-party services, vendors, or integrations
- Social engineering, phishing, or physical security testing
- Denial-of-service (DoS) testing or traffic flooding
- Automated scanning that degrades service availability
Reporting a Vulnerability
If you believe you have identified a security vulnerability, please report it directly and
confidentially to security@tradeablebits.com
(or other designated channel).
Reports should include sufficient detail to allow us to understand and validate the issue
(e.g., description, affected system, and steps to reproduce).
Do not disclose vulnerabilities to our customers, partners, the media, or any third party.
Our Commitments
When a vulnerability is reported in accordance with this Policy, we will:
- Acknowledge receipt of the report within a reasonable timeframe
- Assess and validate the reported issue
- Take appropriate steps to remediate confirmed vulnerabilities, consistent with our operational priorities
- Keep reporting parties reasonably informed of progress where appropriate
Our Expectations
In submitting a report under this Policy, we expect that you:
- Act in good faith and comply with this Policy and all applicable laws
- Limit testing to what is necessary to identify and demonstrate the vulnerability
- Immediately cease testing if you encounter any customer data, personal data, or sensitive information
- Do not exploit, misuse, retain, copy, or disclose any data accessed during testing
- Do not continue testing after identifying a vulnerability
- Do not attempt to extort, coerce, or pressure Tradable Bits in connection with a report
- Do not publicly disclose vulnerabilities without our prior written consent
Safe Harbor
When conducted in good faith and in full compliance with this Policy, security research activities will
be considered authorized by Tradable Bits for the limited purpose of vulnerability reporting.
This safe harbor:
- Applies only to activities within the scope of this Policy
- Does not permit disclosure to customers or third parties
- Does not apply to actions that violate applicable law or exceed permitted testing
This Policy does not grant general authorization to test our systems and does not bind third parties.
Questions
If you are unsure whether your actions are consistent with this Policy, please contact us via
the reporting channel before proceeding.