← Back to Home

Terms of Service

Last updated: January 8, 2026

1. Acceptance of Terms

By accessing or using the BugSpot ("Service"), you agree to be bound by these Terms of Service ("Terms"). If you do not agree to these Terms, you may not use the Service.

We reserve the right to modify these Terms at any time. Your continued use of the Service after changes constitutes acceptance of the modified Terms.

2. Eligibility

To use the Service, you must:

  • Be at least 18 years of age
  • Have the legal capacity to enter into binding contracts
  • Not be prohibited from using the Service under applicable laws
  • Comply with all local, state, national, and international laws

3. Account Registration

When creating an account, you agree to:

  • Provide accurate, current, and complete information
  • Maintain the security of your password and account
  • Notify us immediately of any unauthorized access
  • Be responsible for all activities under your account
  • Not share your account credentials with others
  • Use your real identity and not impersonate others

4. Vulnerability Disclosure Rules

4.1 Permitted Activities

Security researchers may:

  • Test systems within the defined program scope
  • Report discovered vulnerabilities through the platform
  • Provide proof-of-concept demonstrations that do not cause harm
  • Communicate with administrators through the platform

4.2 Prohibited Activities

You may NOT:

  • Test systems outside the defined program scope
  • Perform denial-of-service (DoS) or resource exhaustion attacks
  • Access, modify, or delete data that does not belong to you
  • Execute social engineering attacks against employees or users
  • Conduct physical testing of facilities or systems
  • Publicly disclose vulnerabilities before coordinated disclosure
  • Demand payment or ransom for vulnerability information
  • Submit spam, duplicate, or low-quality reports

4.3 Safe Harbor

We will not pursue legal action against researchers who follow these Terms and act in good faith. This includes activities such as:

  • Testing systems within the defined scope
  • Avoiding privacy violations and data destruction
  • Following responsible disclosure practices
  • Not exploiting vulnerabilities beyond what is necessary for demonstration

5. Report Submissions

5.1 Quality Standards

Valid reports must:

  • Describe a legitimate security vulnerability
  • Include clear steps to reproduce the issue
  • Provide accurate severity and impact assessments
  • Be original (not previously reported)
  • Fall within the program scope

5.2 Invalid Reports

Reports may be rejected if they:

  • Are duplicates of existing reports
  • Fall outside the program scope
  • Lack sufficient detail or proof
  • Describe issues with no security impact
  • Relate to known or documented issues
  • Result from automated scanning without validation

5.3 Intellectual Property

By submitting a report, you grant us a non-exclusive, worldwide, royalty-free license to use the information to remediate vulnerabilities. You retain ownership of your original research.

6. Rewards and Payments

6.1 Eligibility

Rewards are provided at our sole discretion and may be awarded for:

  • Valid, original vulnerability reports
  • Reports meeting quality standards
  • Vulnerabilities within program scope
  • Compliance with these Terms

6.2 Reward Determination

Reward amounts are based on:

  • Severity and impact of the vulnerability
  • Quality and clarity of the report
  • Novelty of the finding
  • Published reward guidelines

6.3 Payment Processing

  • Payments are processed via PayPal or Venmo
  • You are responsible for applicable taxes
  • Payment may be delayed pending verification
  • We reserve the right to withhold payment for Terms violations

7. Confidentiality

You agree to:

  • Keep vulnerability details confidential until coordinated disclosure
  • Not share sensitive information with unauthorized parties
  • Follow our disclosure timeline (typically 90 days)
  • Obtain written permission before public disclosure

8. User Conduct

You agree NOT to:

  • Use the Service for illegal activities
  • Harass, threaten, or abuse other users or administrators
  • Submit false, misleading, or fraudulent information
  • Attempt to bypass security controls or rate limits
  • Reverse engineer or decompile the platform
  • Use automated tools to scrape or mine data
  • Create multiple accounts to circumvent restrictions

9. Termination

We may suspend or terminate your account if you:

  • Violate these Terms or our policies
  • Engage in fraudulent or malicious activities
  • Submit low-quality or spam reports
  • Harass other users or administrators
  • Fail to comply with legal obligations

You may terminate your account at any time by contacting us. Upon termination, your access will be revoked, but certain data may be retained per our Privacy Policy.

10. Disclaimers

THE SERVICE IS PROVIDED "AS IS" AND "AS AVAILABLE" WITHOUT WARRANTIES OF ANY KIND, EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, AND NON-INFRINGEMENT.

We do not guarantee that the Service will be:

  • Available at all times or without interruptions
  • Free from errors, bugs, or security vulnerabilities
  • Compatible with all devices and browsers
  • Suitable for your specific purposes

11. Limitation of Liability

TO THE MAXIMUM EXTENT PERMITTED BY LAW, WE SHALL NOT BE LIABLE FOR ANY INDIRECT, INCIDENTAL, SPECIAL, CONSEQUENTIAL, OR PUNITIVE DAMAGES, INCLUDING BUT NOT LIMITED TO LOSS OF PROFITS, DATA, OR GOODWILL, ARISING FROM:

  • Your use or inability to use the Service
  • Unauthorized access to your account or data
  • Errors, mistakes, or inaccuracies in the Service
  • Personal injury or property damage related to your use
  • Third-party conduct or content

Our total liability shall not exceed the amount paid by you in the twelve (12) months preceding the claim, or $100, whichever is greater.

12. Indemnification

You agree to indemnify, defend, and hold harmless BugSpot, its officers, directors, employees, and agents from any claims, damages, losses, liabilities, and expenses (including legal fees) arising from:

  • Your violation of these Terms
  • Your violation of applicable laws or regulations
  • Your infringement of third-party rights
  • Your use of the Service

13. Dispute Resolution

13.1 Informal Resolution

Before filing a claim, you agree to contact us to attempt to resolve the dispute informally. We will work with you in good faith to reach a resolution.

13.2 Arbitration

If informal resolution fails, disputes will be resolved through binding arbitration in accordance with the rules of the American Arbitration Association. The arbitration will be conducted in [Your Jurisdiction], and judgment may be entered in any court of competent jurisdiction.

13.3 Class Action Waiver

You agree to resolve disputes on an individual basis only. You waive the right to participate in class actions, class arbitrations, or representative actions.

14. Governing Law

These Terms are governed by the laws of [Your Jurisdiction], without regard to conflict of law principles. You consent to the exclusive jurisdiction of courts in [Your Jurisdiction].

15. Severability

If any provision of these Terms is found to be invalid or unenforceable, the remaining provisions will continue in full force and effect.

16. Entire Agreement

These Terms, together with our Privacy Policy and any other legal notices published on the Service, constitute the entire agreement between you and BugSpot.

17. Contact Information

For questions about these Terms, please contact us at:

Email: [email protected]

Address: 444 Castro Street, Suite 1000, Mountain View, CA 94041, USA

Privacy Policy →Back to Home