Report security issues

If you find a security breach on BULULU, we encourage you to send us a message immediately. We will review all legal loophole reports and do our best to resolve the issue quickly. Please read this document carefully before reporting, including the basic principles, bounty plan, reward guidelines, and content that should not be reported.

The basic principle
If you comply with the following principles when reporting security issues to BULULU, we will not file a lawsuit or law enforcement investigation against your report. we need:

1. Before disclosing any information about the report or sharing such information with others, you should give us reasonable time to review and resolve the issues you reported.

2. If the account owner does not agree to such operations, you must not interact with the personal account (including modifying or accessing the data in the account).

3. You make sincere efforts to avoid invasion of privacy and interference with others, including (but not limited to) destroying data and interrupting or reducing our services.

4. You must not use the security issues you find for any reason. (This includes proving other risks, such as attempting to corrupt sensitive company data or detecting other issues.)

5. You have not violated any other applicable laws or regulations.

Bounty program
We recognize and reward security researchers who help us keep people safe by reporting vulnerabilities in our services. The monetary rewards for such reports are completely determined by the silk scarf based on factors such as risks and influences. To qualify for the bounty, you first need to meet the following requirements:

1. Adhere to our basic principles (see above).

2. Reporting security vulnerabilities: that is, identifying vulnerabilities in our services or infrastructure that have security or privacy risks. (Please note that Rosegal ultimately determines the risk of the problem, and many errors are not security issues.)

3. Submit your report via our “” email, and reply to the report and provide any updates. Please do not contact employees directly or report through other channels.

4. If you inadvertently cause privacy violations or interruptions (such as access to account data, service configuration or other confidential information) when investigating issues, please be sure to disclose in your report.

5. We investigate and respond to all valid reports. However, due to the large number of reports we have received, we will prioritize the assessment based on factors such as risks, and it may take some time for you to receive a response.

6. We reserve the right to publish reports.

Close My Cart
Close Wishlist
Recently Viewed Close