TabbPay
← Back to home

Security & Vulnerability Disclosure Policy

Effective date: 1 June 2026

TabbPay takes the security of our platform and the safety of guest, staff and payment data seriously. We welcome reports from security researchers and will work with you to understand and resolve issues quickly.


How to report

Email security@tabbpay.com with:

Our machine-readable contact details are published at /.well-known/security.txt (RFC 9116).

Scope

In scope:

Out of scope:

Safe harbour

If you make a good-faith effort to comply with this policy during your research, we will consider your testing authorised, will not pursue or support legal action against you, and will work with you to resolve the issue. Please:

What to expect

We do not currently operate a paid bug-bounty programme, but we are grateful for responsible disclosure and are happy to acknowledge contributors.