Responsible Disclosure Policy

Home | Responsible Disclosure Policy

Responsible Disclosure Policy

Effective Date: June 2, 2025

TAWCKS WORLD is committed to ensuring the security of our digital assets, products, and services. We value the contributions of ethical security researchers and members of the public who help us identify and fix vulnerabilities.

1. Purpose

The purpose of this policy is to provide clear guidelines for security researchers who wish to report potential vulnerabilities responsibly, and to outline how TAWCKS WORLD will respond.

2. Scope

This policy applies to vulnerabilities discovered in:

  • Any public-facing website or service owned or operated by TAWCKS WORLD
  • Any applications, platforms, or systems developed or maintained by TAWCKS WORLD

3. Guidelines for Responsible Disclosure

We request that security researchers:

  • Act in good faith to avoid privacy violations, data destruction, or service disruption
  • Provide detailed information to help us reproduce and fix the issue
  • Avoid accessing or modifying data that is not your own
  • Do not publicly disclose vulnerabilities without our express permission

4. What to Include in Your Report

To help us understand and resolve the issue quickly, please include:

  • A clear description of the vulnerability and its potential impact
  • Steps to reproduce the issue
  • URLs, screenshots, sample scripts or code (if applicable)
  • Your contact details for follow-up

5. How to Report a Vulnerability

Please report potential security issues to:
Email: connect@tawcks.world

We will acknowledge your report within 7 business days and strive to provide regular updates during the remediation process.

6. What You Can Expect from Us

If you follow this policy and act in good faith, TAWCKS WORLD will:

  • Promptly acknowledge your report
  • Investigate and remediate valid issues as quickly as possible
  • Not pursue legal action related to your disclosure if conducted responsibly
  • Attribute credit (if desired and applicable) in any public advisories

7. Exclusions

The following types of issues are generally considered out of scope for this policy:

  • Social engineering or phishing attempts
  • Physical security vulnerabilities
  • Distributed Denial-of-Service (DDoS) attacks
  • Automated scans or brute-force tools
  • Issues in third-party software or services not controlled by TAWCKS WORLD

8. Legal Safe Harbor

If you act in accordance with this policy and in good faith, your research activities will be considered authorised. We will not initiate legal action against you for lawful disclosures submitted through the proper channels.

9. Updates to This Policy

We may update this policy periodically. Please refer to this page for the latest version. Significant changes will be highlighted.

10. Contact Us

For questions about this policy or additional security matters:

TAWCKS WORLD PTY. LTD.
Lyndhurst, Melbourne, Victoria
Email: connect@tawcks.world
Phone: 0452604422

Scroll to Top