At Prodege, your privacy and security are critically important to us. We take the protection of our platforms seriously and appreciate the efforts of the security community in helping us protect our users and partners.
If you’ve discovered a potential security vulnerability in any of our services — including Swagbucks, MyPoints, InboxDollars, Tada, or any other Prodege brand — we want to hear from you.
How to Report
Please email us at: disclosure@prodege.com
When submitting a report, include:
- A detailed description of the issue
- Steps to reproduce the vulnerability
- Affected domain, app, or API
- Supporting materials (screenshots, logs, PoC code)
- Your contact information
Note: This email address is intended solely for reporting technical security vulnerabilities. Non-security-related inquiries will not receive a response through this channel.
Bug Bounty
While Prodege does not currently operate a formal bug bounty program, our security team carefully investigates all credible reports. We’re grateful for the time and skill of security researchers and will always treat submissions seriously and respectfully.
What to Expect
- Acknowledge your submission within 3 business days
- Begin investigation and verification promptly
- Communicate progress if further info is needed
- Notify you once remediation is complete
Responsible Research Guidelines
- Avoid actions that could harm users or disrupt services
- Do not access or alter data that isn’t yours
- Allow us reasonable time to resolve the issue before disclosing it publicly
- Comply with applicable laws during your research
In Scope
We welcome reports that affect:
- Prodege.com and affiliated domains
- Our mobile apps and public APIs
- Swagbucks, InboxDollars, MyPoints, Tada, and other Prodege properties
Out of Scope
We typically do not accept reports for:
- Phishing/social engineering
- Denial-of-service (DoS) attacks
- Brute-force attempts
- Vulnerabilities in third-party providers
- Issues without demonstrable security impact (e.g., missing headers)
Safe Harbor
We believe in good-faith security research. If you follow this policy:
- We will not initiate legal action
- We will consider your activity authorized
- We will work with you to understand and resolve the issue
Recognition
While we don’t offer cash rewards, we’re happy to:
- Acknowledge meaningful contributions in our Security Hall of Fame; Acknowledgements & Credits
- Provide a letter of recognition or thank-you certificate upon request
Questions?
Questions or feedback about this policy? Let us know at disclosure@prodege.com.