First Name

Nickname

By creating an account you are agreeing to the Terms of Service and Privacy Policy.

Terms of Service

Effective Date: July 8, 2025

Huntbug Private Ltd. (“Huntbug,” “we,” “us,” or “our”) operates a crowdsourced bug bounty platform at https://huntbug.com (the “Platform”), which connects Security Researchers with private and public programs, including Vulnerability Disclosure Programs (VDP) and Bug Bounty Programs (BBP). These Terms of Service (“ToS” or “Terms”) govern your use of the Platform, whether as a Security Researcher (“Researcher”), a Company running a program (“Customer”), or any other user. By accessing or using the Platform, you agree to be bound by these Terms. If you do not agree to these Terms, you may not use the Platform.

These Terms apply to all users of the Platform, including but not limited to Researchers and Customers. By using the Platform, you represent and warrant that you have the legal capacity to enter into these Terms and that you will comply with all applicable laws and regulations, including but not limited to the General Data Protection Regulation (GDPR) in the European Union and the California Consumer Privacy Act (CCPA) in the United States.

1. Account Creation and Eligibility

1.1 Eligibility: To use the Platform, you must create an account. You must be at least 18 years old to create an account and use the Platform. You represent and warrant that you have the legal capacity to enter into these Terms and that you will comply with all applicable laws and regulations when using the Platform.

1.2 Account Responsibilities: You are responsible for maintaining the confidentiality of your account credentials and for all activities that occur under your account. You agree to notify Huntbug immediately of any unauthorized use of your account.

2. Use of the Platform

2.1 Permitted Use: You agree to use the Platform only for lawful purposes and in accordance with these Terms. The Platform is intended to facilitate the submission of vulnerability reports by Researchers and the management of VDP and BBP by Customers.

2.2 Prohibited Activities: You shall not:

Engage in any activity that interferes with or disrupts the Platform or the servers and networks connected to the Platform.
Attempt to gain unauthorized access to any portion of the Platform or any other systems or networks connected to the Platform.
Use the Platform to transmit any worms, viruses, or any code of a destructive nature.
Violate any applicable laws, including but not limited to intellectual property laws, data protection laws, or computer misuse laws.

2.3 Compliance with Program Policies: Each program on the Platform may have its own rules and scope, which you agree to follow when participating in that program.

3. Terms for Researchers

3.1 Vulnerability Reports: By submitting a vulnerability report (“Report”) to a program on the Platform, you agree that the Report is your original work and that you have not disclosed it to any third party before submitting it to the program, unless otherwise permitted by the program’s rules.

3.2 License to Reports: You grant Huntbug and the program owner a non-exclusive, royalty-free, worldwide, perpetual license to use, reproduce, modify, adapt, publish, translate, create derivative works from, distribute, and display your Report for the purpose of validating, mitigating, and disclosing the vulnerability.

3.3 Waiver of Moral Rights: You acknowledge that Huntbug and the program owner may use your Report to improve their products and services, and you waive any moral rights you may have in the Report.

3.4 Confidentiality: You agree to keep the vulnerability confidential until the program owner has had a reasonable opportunity to address it, as determined by the program’s disclosure policy. Unauthorized disclosure may result in termination of your account and forfeiture of any bounties.

3.5 Safe Harbor: Huntbug will not pursue legal action against Researchers for security research conducted in good faith and in accordance with these Terms and the applicable program’s rules, provided such activities do not violate applicable laws, including the U.S. Computer Fraud and Abuse Act.

4. Terms for Customers

4.1 Program Creation: By creating a program on the Platform, you agree to set clear rules and scopes for the program, including what is in scope and out of scope for vulnerability submissions.

4.2 Report Management: You are responsible for reviewing and responding to Reports submitted to your program in a timely manner. Huntbug may provide tools to assist with this process but is not responsible for your program’s operations.

4.3 Bounty Payments: You agree to pay bounties to Researchers as per the terms of your program and these Terms. Huntbug may facilitate payments but is not liable for any disputes between you and Researchers regarding bounties.

4.4 Promotional Rights: You grant Huntbug the right to display your program on the Platform and to use your name and logo for promotional purposes, unless otherwise agreed in writing.

5. Intellectual Property

5.1 Platform Content: All content on the Platform, including but not limited to text, graphics, logos, and images, is the property of Huntbug or its licensors and is protected by copyright, trademark, and other intellectual property laws.

5.2 Restrictions: You may not reproduce, distribute, or create derivative works based on any content on the Platform without Huntbug’s prior written consent, except as necessary to use the Platform as permitted by these Terms.

5.3 User Content: You retain ownership of any content you submit to the Platform, such as Reports, but grant Huntbug the licenses necessary to operate the Platform, as described in Section 3.2.

6. Payments

6.1 Bounty Payments: Bounties will be paid to Researchers in accordance with the program’s bounty policy. Huntbug may facilitate these payments but is not responsible for determining bounty amounts or resolving disputes between Researchers and Customers.

6.2 Service Fees: Huntbug may charge fees for its services, as detailed in the applicable program or service agreement. Fees are non-refundable unless otherwise specified.

6.3 Currency and Taxes: All payments will be made in the currency specified by the program. You are responsible for any currency conversion fees or taxes applicable to payments made or received through the Platform.

7. Liability and Indemnification

7.1 Limitation of Liability: To the fullest extent permitted by law, Huntbug shall not be liable for any direct, indirect, incidental, special, consequential, or exemplary damages arising out of or in connection with the use of the Platform, even if Huntbug has been advised of the possibility of such damages. This includes, but is not limited to, damages for loss of profits, goodwill, data, or other intangible losses.

7.2 Indemnification: You agree to indemnify and hold Huntbug, its affiliates, officers, directors, employees, and agents harmless from any claims, damages, losses, liabilities, costs, and expenses (including reasonable attorneys’ fees) arising out of or in connection with your use of the Platform, your breach of these Terms, or your violation of any law or the rights of a third party.

7.3 Force Majeure: Huntbug shall not be liable for any damages or losses resulting from events beyond its reasonable control, including but not limited to acts of God, natural disasters, wars, civil disturbances, strikes, interruptions or failure of telecommunications or internet services, or any other cause beyond Huntbug’s control.

7.4 Data Breaches: In the event of a data breach or unauthorized access to your information due to circumstances beyond Huntbug’s reasonable control, such as hacks, Huntbug shall not be liable for any damages or losses incurred, provided that Huntbug has taken reasonable steps to prevent such breaches and to notify affected users in accordance with applicable laws.

7.5 Statutory Rights: Nothing in these Terms shall exclude or limit Huntbug’s liability for fraud, death, or personal injury caused by its negligence, or any other liability that cannot be excluded or limited under applicable law.

8. Privacy and Security

8.1 Privacy Policy: Your use of the Platform is also governed by our Privacy Policy, available at https://huntbug.com/privacy-policy , which is incorporated herein by reference. By using the Platform, you consent to the collection and use of your personal information as described in our Privacy Policy.

8.2 Security Measures: Huntbug is committed to protecting your data and has implemented robust security measures, including obtaining ISO 27001 certification, to ensure the confidentiality, integrity, and availability of your information. However, no system is entirely secure, and Huntbug cannot guarantee absolute protection against unauthorized access.

9. Termination

9.1 Termination by Huntbug: Huntbug may terminate or suspend your access to the Platform at any time, with or without cause, and with or without notice, including for violations of these Terms or applicable program policies.

9.2 Effect of Termination: Upon termination, all rights granted to you under these Terms will cease, and you must immediately cease all use of the Platform. Sections 5, 7, 8, 10, and any other provisions that by their nature should survive termination will remain in effect.

10. Governing Law and Dispute Resolution

10.1 Governing Law: These Terms shall be governed by and construed in accordance with the laws of the State of California, without regard to its conflict of law provisions.

10.2 Arbitration: Any dispute arising out of or relating to these Terms or your use of the Platform shall be resolved through binding arbitration in San Francisco, California, in accordance with the rules of the American Arbitration Association. The arbitration shall be conducted by a single arbitrator, and the decision of the arbitrator shall be final and binding. Each party shall bear its own costs and attorneys’ fees, unless otherwise determined by the arbitrator.

10.3 Class Action Waiver: You agree that any dispute resolution proceedings will be conducted only on an individual basis and not in a class, consolidated, or representative action.

11. Changes to Terms

11.1 Modifications: Huntbug may modify these Terms at any time by posting the revised Terms on the Platform. Your continued use of the Platform after such changes constitutes your acceptance of the revised Terms. If you do not agree to the revised Terms, you must stop using the Platform.

11.2 Notification: Huntbug will endeavor to notify users of significant changes to these Terms via email or Platform notifications, but it is your responsibility to review the Terms periodically.

12. Miscellaneous

12.1 Entire Agreement: These Terms, together with the Privacy Policy and any applicable program policies, constitute the entire agreement between you and Huntbug regarding your use of the Platform.

12.2 Severability: If any provision of these Terms is found to be invalid or unenforceable, the remaining provisions will remain in full force and effect.

12.3 No Waiver: Huntbug’s failure to enforce any right or provision of these Terms will not constitute a waiver of such right or provision.

13. Contact Information

If you have any questions or concerns about these Terms, please contact us at:

Huntbug Private Ltd.
44 Montgomery St, San Francisco, CA 94104, United States
Email: security@huntbug.com

Compliance Table

Regulation/Standard	Key Features Addressed
GDPR	Compliance with data protection laws, reference to Privacy Policy, user rights, and international data transfers.
CCPA	Non-discrimination for exercising privacy rights, clear data use disclosures, and no data sales.
ISO 27001	Highlighted security measures to assure users of data protection practices.
U.S. Computer Fraud and Abuse Act	Safe harbor for good-faith security research, protecting Researchers from legal action.

References

Privacy Policy

Last Updated: July 8, 2025

Huntbug Private Ltd. (“Huntbug,” “we,” “us,” or “our”) operates a crowdsourced bug bounty platform at [https://huntbug.com] (the “Platform”), connecting Security Researchers with private and public programs, including Vulnerability Disclosure Programs (VDP) and Bug Bounty Programs (BBP). We are committed to protecting your privacy and ensuring the security of your personal data. This Privacy Policy explains how we collect, use, store, and disclose your personal information when you use our Platform. By using our Platform, you agree to the terms of this Privacy Policy.

1. Information We Collect

We collect various types of information from you when you use our Platform to provide our services and enhance your experience. The information is categorized as follows:

Personal Information

Category	Examples
Identifiers	Name, email address, username
Contact Information	Mailing address, telephone number (if provided)
Financial Information	Payment card details (if you make payments through our Platform)
Professional Information	Skills, experience, education (for researchers)
Communication Data	Content of reports, messages, chats on our Platform
Other Information	Profile picture, time zone, language preferences

Device and Usage Information

Category	Examples
Technical Data	IP address, browser type and version, operating system, device type
Usage Data	Referring website or search terms, pages visited, clickstream data
Tracking Technologies	Cookies and similar technologies

2. How We Collect Information

We collect information through:

Direct Interactions: When you register, submit reports, or communicate with us.
Automated Technologies: Via cookies, server logs, and analytics tools.
Third Parties: From service providers (e.g., payment processors) or publicly available sources.

3. How We Use Your Information

We use your information for the following purposes:

Service Delivery: To provide, maintain, and improve our Platform, including processing transactions and managing programs.
Communication: To send notifications, updates, or respond to inquiries.
Personalization: To tailor your experience based on your preferences.
Analytics: To analyze usage patterns and improve our services.
Security: To detect and prevent fraud or unauthorized access.
Legal Compliance: To meet regulatory requirements.

For users in the European Economic Area (EEA), our legal bases for processing include:

Purpose	Legal Basis
Service Delivery	Performance of a contract
Personalization, Analytics, Security	Legitimate interests
Marketing	Consent (where required)

4. Data Sharing and Disclosure

We may share your personal information with:

Service Providers: For hosting, payment processing, or analytics, under strict confidentiality agreements.
Legal Authorities: To comply with legal obligations or respond to lawful requests.
Business Transfers: In connection with mergers, acquisitions, or similar transactions.

We do not sell your personal information to third parties for their marketing purposes, as defined under CCPA.

5. Data Security

We implement robust technical and organizational measures to protect your data, as evidenced by our ISO 27001 certification. These include encryption, access controls, and regular security assessments. However, no internet transmission or storage system is 100% secure, and we cannot guarantee absolute protection against unauthorized access, such as hacks or other unforeseen events.

6. Data Retention

We retain personal information only as long as necessary for the purposes outlined above, or as required by law. For example:

Data Type	Retention Period
Account Information	Until account deletion or as needed for legal obligations
Communication Data	As long as required for service delivery or dispute resolution
Device Data	Typically up to 12 months for analytics

Data no longer needed is deleted or anonymized.

7. Your Rights

Depending on your location, you have the following rights:

Access: Request details of your personal data we hold.
Rectification: Correct inaccurate data.
Erasure: Request deletion of your data (right to be forgotten).
Restriction: Limit how we process your data.
Portability: Receive your data in a structured format.
Objection: Object to processing based on legitimate interests.
Automated Decisions: Rights regarding automated decision-making (not currently applicable).

For California residents under CCPA:

Right to Know: Request categories and specific pieces of personal information collected in the past 12 months.
Right to Delete: Request deletion of your data.
Right to Opt-Out: Opt out of data sales (not applicable, as we do not sell data).
Non-Discrimination: No discrimination for exercising your rights.

To exercise these rights, contact us at security@huntbug.com. You may also lodge a complaint with a supervisory authority in your EEA member state or contact the California Attorney General’s office.

8. International Data Transfers

Our Platform is hosted in the United States, and data may be transferred to and processed there. For EEA users, we use safeguards like standard contractual clauses to ensure compliance with GDPR when transferring data outside the EEA. For more information, see European Commission: Standard Contractual Clauses.

9. Cookies and Similar Technologies

We use cookies to enhance functionality, security, and analytics. For details, refer to our Cookie Policy.

10. Children’s Privacy

Our Platform is not intended for users under 18. We do not knowingly collect data from children. If you believe a child has provided data, contact us to have it removed.

11. Changes to This Privacy Policy

We may update this policy to reflect changes in practices or laws. Updates will be posted on this page with a revised “Last Updated” date. Significant changes will be communicated via email or Platform notifications.

12. Contact Us

For questions or to exercise your rights, contact us at: