We take security seriously and welcome responsible disclosure of vulnerabilities.
1. Security Measures
- Encryption in transit for data sent to and from the Service.
- Access controls and auditing for sensitive systems.
- Monitoring for abuse and suspicious activity.
2. Responsible Disclosure
If you believe you have found a vulnerability, please contact us at support@onesong.cc with details and steps to reproduce.
3. Testing Guidelines
- Do not access or modify data that does not belong to you.
- Do not perform denial-of-service testing.
- Do not use social engineering or phishing against our users.
- Do not publish vulnerabilities before we have had a reasonable chance to address them.
4. Safe Harbor
We will not pursue legal action against researchers who act in good faith and follow these guidelines. This does not grant you any rights beyond what is stated here.