Responsible Disclosure

SERACLE SOFTWARE INDIA PRIVATE LIMITED. (“Company”, "We", "Us", or "Our") is a federal incorporation company owns and operates the website ‘’ (collectively referred to as the “Platform”) and DBA as ‘Seracle’ (referred to as the “Platform”) and has its registered office at Office 307, Tower 1, World Trade Center, Pune, Maharashtra 411014. 

We intend to provide our users (“You”, “Your” or “Users”) with the best quality Services on our Platform that is hassle free and seamless. Before using Our Platform and any of Our Services, We want to provide You with the necessary information about certain risks associated with the use of our Platform and our Services.

Please read this risk disclosure policy (“Risk Disclosure Policy”) carefully prior to using or registering on the Platform or accessing any material, information or availing any Services through the Platform. This Risk Disclosure Policy is incorporated into and subject to Our terms of use available at (“Terms”) and shall be read harmoniously and in conjunction with such Terms. All capitalized terms used and not defined in this Risk Disclosure Policy shall have the meaning ascribed to them under the Terms (such as the Privacy Policy and the AML and KYC Policy).

The information contained on this Website for Users is for general information purposes only and the information presented in the form of this Risk Disclosure is neither comprehensive nor exhaustive and You are advised to consider all supplementary, associated, and other risks before accessing the Platform and the Services. By visiting the Platform or setting up/creating an Account on the Platform for availing the Services, You accept and agree to be bound by the Terms. If You do not agree or understand any part of these Terms, please refrain from using the Platform or/and availing our Services.

We retain an unconditional right to modify or amend this Risk Disclosure Policy without any obligation to notify You of the same. You can determine when this Risk Disclosure Policy was last modified by referring to the “Updated on” legend above. We will endeavor to update You on material changes to this Risk Disclosure Policy, but it shall be your responsibility to check this Risk Disclosure Policy periodically for changes. Your use of the Platform after such change(s) signifies your acceptance to the amended Risk Disclosure Policy and shall also signify your consent to such change(s) and agreement to be legally bound by the same.

Seracle considers trust and the protection of our customers' data as a highest priority. Therefore, Seracle takes the security of our systems extremely seriously. Seracle looks forward to working with the security community to find vulnerabilities in order to keep our businesses and customers safe.

It is our endeavor that the information provided on the Website is up to date and correct, however, we make no representations or warranties of any kind, express or implied, about the completeness, accuracy, reliability, suitability or availability with respect to the Website or the information, products, services, or related graphics contained on the website for any purpose. Any reliance you place on such information is therefore strictly at your own risk. Unless stated otherwise, any and all information, product, services, availability of such products and services on the Website are just input by deSign and deSign shall never be liable for the same.

Every effort is made to keep the Website and/or the Platform up and running smoothly. However, Seracle takes no responsibility for, and will not be liable for, the Website being temporarily unavailable due to technical issues beyond our control.


1.1. You acknowledge that the Platform and Services, (including without limitation all content, facilities, and functions thereby made available) are provided by Us on an “as is” and “as available” basis with no warranties whatsoever.

1.2. You hereby acknowledge and agree that We are not a financial institution, bank, credit union, trust, hedge fund, broker or investment or financial advisor, and are not subject to the same laws, regulations, directives or requirements applicable to such persons.

1.3. You acknowledge and agree that no oral or written information provided by Us or Our officers, directors, employees, or agents, nor any information obtained through the Services or the Platform, will or shall constitute investment, or financial advice. You are solely and exclusively responsible for all trading decisions made by You while using the Services. We are merely a technology platform, and you are solely and entirely responsible for the legal, regulatory and tax compliance of all Transactions carried out by You by using the Platform and the Services.

1.4. To the fullest extent permitted by Applicable Law, We disclaim all representations, conditions and warranties of any kind, whether express, implied, statutory or otherwise, in relation to the Platform and Services, including without limitation to all conditions and warranties of satisfactory quality, accuracy, completeness, correctness, currency, timeliness, reliability, availability, title, quality, merchantability, interoperability, security, fitness for a particular purpose, non-infringement or that the Platform and Services or any functions associated therewith will be without failure, delay, interruption, viruses (or other malicious or corrupting code or programs) or error.

1.5. Internet communications may be susceptible to interference or interception by third parties. Such interference or interception may include cyber-attacks, distributed denials of service or errors, malicious exploitation of defects or vulnerabilities associated with the source codes associated with the Platform. Where appropriate, We may use available technology to protect the security of the Platform. 

1.6. To the maximum extent permitted under Applicable Laws, We make no warranties that the Platform is free of interference or interception by third parties, or other unauthorized software, and disclaim all liability for the security, authenticity, integrity or confidentiality of any transactions made through the Platform.

1.7. Your access to and/or use of the Platform may be interrupted, suspended or restricted (i) where We provide maintenance, support, update or other services in relation to the Platform; or (ii) by no fault Ours, due to reasons attributable to third parties. We will notify You with reasonable notice prior to performing any scheduled maintenance, support, updates, repairs, or other services in relation to the Platform, if We expect that the intended activities will materially disrupt the availability of the Platform. In all other cases where the availability of the Platform is materially disrupted for any reason, We will promptly notify the You of the said disruption and assist the You with the provision of a temporary workaround, if any.

1.8 In no event will we at Seracle be liable for any loss or damage including without limitation, indirect or consequential loss or damage, or any loss or damage whatsoever arising from loss of data or profits arising out of, or in connection with, the use of this Website.


Our Platform may provide links to other third - party platforms (“Third – Party Sites”) that You may access while You are accessing our Platform and Services. You understand that We are not in any manner responsible for content of such Third – Party Sites along with any services offered on such Third - Party Sites.

These Third – Party Sites may have their own terms, privacy policies and risk disclosures policies governing Your use and access of such Third – Party Sites. This Risk Disclosure Policy does not govern Your use of Third-Party Sites. We recommend that when You enter a Third-Party Site, You review the Third-Party Site’s terms, privacy policy and risk disclosure as it relates to Your activities on such Third – Party Sites. You agree and acknowledge that We are not liable in any manner for your use/access of any Third-Party Sites.


Then you should be aware that there is so much risk in the virtual digital asset and you should not be divulge in things which are not Every effort should be made to for the awareness of your own risk and carefully especially.


Seracle will make a best effort to meet the following SLAs for hackers participating in our program:
Type of Response SLA in business days
First Response 5 days
Time to Triage 10 days
Time to Resolutions depends on severity and complexity
We'll try to keep you informed about our progress throughout the process.


As this is a private program, please do not discuss this program or any vulnerabilities (even resolved ones) outside of the program without express consent from the organization.


1. Please provide detailed reports with reproducible steps. If the report is not detailed enough to reproduce the issue, the issue may not be marked as triaged.
2. Submit one vulnerability per report, unless you need to chain vulnerabilities to provide impact.
3. When duplicates occur, we only triage the first report that was received (provided that it can be fully reproduced).
4. Multiple vulnerabilities caused by one underlying issue will be treated as one valid report.
5. Social engineering (e.g. phishing, vishing, smishing) is prohibited.
6. Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder.


When reporting vulnerabilities, please consider (1) attack scenario / exploitability, and (2) security impact of the bug. The following issues are considered out of scope:

1. Clickjacking on pages with no sensitive actions
2. Cross-Site Request Forgery (CSRF) on unauthenticated forms or forms with no sensitive actions
3. Attacks requiring MITM or physical access to a user's device.
4. Previously known vulnerable libraries without a working Proof of Concept.
5. Comma Separated Values (CSV) injection without demonstrating a vulnerability.
6. Missing best practices in SSL/TLS configuration.
7. Any activity that could lead to the disruption of our service (DoS).
8. Content spoofing and text injection issues without showing an attack vector/without being able to modify HTML/CSS
9. Rate limiting or bruteforce issues on non-authentication endpoints
10. Missing best practices in Content Security Policy.
11. Missing HttpOnly or Secure flags on cookies
12. Missing email best practices (Invalid, incomplete or missing SPF/DKIM/DMARC records, etc.)
13. Vulnerabilities only affecting users of outdated or unpatched browsers [Less than 2 stable versions behind the latest released stable version]
14. Software version disclosure / Banner identification issues / Descriptive error messages or headers (e.g. stack traces, application or server errors)
15. Tabnabbing
16. Open redirect - unless an additional security impact can be demonstratedIssues that require unlikely user interaction.


8.1 You agree to indemnify and hold harmless the Company, its officers, employees and agents against any and all liability, expenses (including attorney’s fees) and damages arising out of claims resulting from use of this Platform by You or any of Your representatives, including without limitation, any claims alleging facts that if true would constitute a breach of the Terms.

8.2. You acknowledge and agree that apart from the risks highlighted in this Risk Disclosure Policy, there may be additional risks to You on account of the Platform and Services. You assume all risks associated with the use of the Platform or the Services and the Company or its affiliates shall not undertake any liability or responsibility towards the user or any third party in respect of any liability or expenses or damages arising out of the risks highlighted in this Risk Disclosure Policy or the Terms.


Any activities conducted in a manner consistent with this policy will be considered authorized conduct and we will not initiate legal action against you. If legal action is initiated by a third party against you in connection with activities conducted under this policy, we will take steps to make it known that your actions were conducted in compliance with this policy.


This Risk Disclosure Policy and Your use of the Platform and Services shall be governed and construed in accordance with the laws of India. Seracle and yourself irrevocably consent that the courts of Maharashtra shall have exclusive jurisdiction to resolve any dispute which may arise in connection with these terms.


Please feel free to contact us at regarding any questions on the Risk Disclosure Policy.