Skip to main content

Security

Security Disclosure

Last updated: July 1, 2026

Our commitment

Optimal Data Inc. builds consumer data products where trust is the product. We investigate and remediate valid security reports across our properties, starting with Optimal Shopping.

Report a vulnerability

Email hello@optshopping.com with a description, reproduction steps, and impact assessment.

  • Acknowledgment within 3 business days
  • Triage update within 10 business days for valid reports
  • Coordinated disclosure — please allow time to fix before going public

In scope

  • optimaldata.org and authenticated workspace tools
  • optshopping.com and Optimal Shopping mobile apps
  • API routes and data stores operated by Optimal Data Inc.

Please do not test

  • Social engineering or phishing of employees or users
  • Denial-of-service against production without written approval
  • Physical attacks against facilities
  • Third-party services except where they directly affect Optimal-operated systems

Safe harbor

Good-faith researchers who follow this policy, avoid privacy violations and service disruption, and give us reasonable remediation time will not face legal action fromOptimal Data Inc..

Related