Security Policy

Last updated: May 5, 2025

At myrobotdoll.com, we take the security and privacy of our customers seriously. If you have discovered a vulnerability in our website, services, or infrastructure, we appreciate your help in responsibly disclosing it to us.

How to Report a Vulnerability

Please send an email to: [email protected]

Include as much detail as possible, such as:

  • Steps to reproduce the issue
  • Relevant URLs or endpoints
  • Any logs, screenshots, or proof-of-concept code

Responsible Disclosure Guidelines

We ask that you:

  • Do not exploit the issue beyond what is necessary to demonstrate the vulnerability
  • Do not test against user data or attempt to access private information
  • Allow us a reasonable time to investigate and fix the issue
  • Do not publicly disclose the vulnerability until it is resolved

In return, we will:

  • Acknowledge your report within 15 business days
  • Keep you updated on our progress
  • Not pursue legal action against you for good-faith research

Acknowledgments

If you report a valid issue, you may be listed on our Hall of Fame. Let us know if you’d like to remain anonymous.

Exclusions

The following are not considered valid security issues under this policy:

  • Missing security headers (e.g., X-Frame-Options, CSP)
  • Clickjacking on non-sensitive pages
  • Reports from automated scanners without clear impact
  • Use of outdated libraries with no proven exploitability

Safe Harbor

We support responsible security research. If you act in good faith under this policy, we will consider your activities authorized and will not take legal action.

Shopping Cart
Scroll to Top