If you discover a security vulnerability, please email us at security@gitclear.com. Upon discovering a vulnerability, we ask that you act in a way to protect our users' data:

Inform us as soon as possible.

Test against fake data and accounts, not our users' private data (please ask if you'd like a free account to work on this).

Work with us to close the vulnerability before disclosing it to others

We guarantee response within one business day, most likely much less.


If you would like to send an encrypted message, please sign using our public PGP key:

-----BEGIN PGP PUBLIC KEY BLOCK----- mQENBF4fv4EBCADXdJp6Js9cqplvShgFGzNAK8PtYfJhjtw+9vTBu+MR97w4x0Fl Q9VEbHSdF/OBLNDFszOeCEQ3SeHqoSOfsJMS8PO/ROP3SrUvRYWrIcOYUkR0sxg8 JChzT58S87fjGiZ1fuAyk+LKtb859JUzqGlDX2e2+baW6lPxXnv2Avl0cbLiv+a6 lVRmQzXBAsHgRWV3VoB3HLw+niKVy8UHH9Jgsc/Uyu9GPb7lh4FBFCVvgLES7mK9 0pq1rtHx9bCj9W+E9JLfvDpTvag0ldpQpcqKuYZMZcvmBRDA8SdTMkEXmUQUiRH6 pDUZxLX2sSm5B78SW4sqF/Xuhs+UFs/drtdRABEBAAG0IEJpbGwgSGFyZGluZyA8 YmlsbEBnaXRjbGVhci5jb20+iQFUBBMBCAA+FiEEoHNj2HR+aFrMpQEjMXVZ5QIa fBYFAl4fv4ECGwMFCQPCZwAFCwkIBwIGFQoJCAsCBBYCAwECHgECF4AACgkQMXVZ 5QIafBbUUQf/a4ODpt9kNgpIWVtTVKGSHlTctrcEjfLqi/1bFienvhrW2omvq3Pr qpYToUZ9qK1TfZcvnjh+0F5IWeiNhIl13kmII+19vbjri5iDNQ0up3tpMeu+hJX5 3RHT/3WwT3F6gI6f+r3iFlyy5xq+q6t7TitRPguuGQFm1VXabiTfNZxhLhPJQz6q 2GXR6fYgToc52CtIDMozNF3vmV7qeV4k5IOXmcN4yL51bf3muOGTYstmG4hZmJg4 NyCYOL5/0TxLMIPH9D1K4j3/0BdXBO9+9LdYD4HVLFG0PSGki/jrEdoEhWFJU9tO ffnep82IuRVTJb1R+vSnbYZBB/buWHKCqLkBDQReH7+BAQgA5xOyz6J1SrYFim5X ZXxblJfT4gwVhdfttugQ+p/7HpP9KlhEZhN+sVULR2A2nslFxMRtuk4Mtx1sWS/5 CyQmPFAHdITaig955pqighl5iv3ztDVgjdaUyveU/S3WTowDjKm/SP6H/PBFFL9G miHJcA6KTLDU4eqRT//68LG4L/Yvc2jVF1NTNRKs0ZpzRNbqWoSp3g4u3lrrgbVg 0LTbHx7tKh+eKYI/roHaKZ5cqlD5yYLB2rrEzmvXPK9szujZh+7OQ25K9ObsRsMB p/EMNnjEAAKXpwqG6t7zmJHca1Nhz+V1FVdJWCQp9cEsaQ8i3FeXF6Nj1SH3+SJP bya2LwARAQABiQE8BBgBCAAmFiEEoHNj2HR+aFrMpQEjMXVZ5QIafBYFAl4fv4EC GwwFCQPCZwAACgkQMXVZ5QIafBYTKAf+OYDxAvJ6fmAAuYakXqBs5I7ZjFJq7NnV iXXXv2G1lkd5FrbeExeE5Q41l4UaNMEYphjXEconoMGza2DJABZm94RihKNI09Gd v8W45RgfC7N05HSudLQYsHmLEdA6h+wPBKivEU72nM98cQKqi6byu6mbFgwCfxOg dHdKt9G4E4+2HkDJc4BYcAHTqgsaOdOhHaqtdQCkDErxSwNMQXOEIPrHPkWs2zeZ eRpzLx72FQ2J9zfJ46UWg6CmX7OE2vYByQGSVYKlDca0/HVhiIAM/sfLAZFXPVLO bQvE6UxikoQQZ/NF5ljcxkkm3qZm3P1/F7X5axZCxFze+iaPAwbHsg== =21ks

We are open to discussing payment to security testers who can present us with significant security vulnerabilities that we can verify exist in our product. Though we are still a relatively small company, we aim to make payouts in the $500-1000 range for valid issues brought to our attention. We are also open to publicly recognizing contributions made by security researchers who responsibly disclose improvement opportunities to us.