Contact Sales

Nift Networks Vulnerability Disclosure Policy

1. Purpose

Nift is committed to ensuring the security and privacy of our systems, services, and users. We value the work of security researchers in helping us maintain a safe environment. This Vulnerability Disclosure Policy (“Policy”) outlines the guidelines for reporting potential security vulnerabilities to Nift.

2. Scope

This Policy applies to all websites, applications, and services owned or operated by Nift, unless otherwise specified.  Any other systems or services are considered out of scope unless explicitly authorized.

3. Our Commitment

If you make a good faith effort to comply with this Policy when reporting a vulnerability:

  • We will not pursue or support any legal action against you related to your research.

  • We will work with you to understand and resolve the issue quickly.

  • We will publicly acknowledge your contribution (with your consent).

4. Guidelines for Researchers

When investigating and reporting vulnerabilities, you must:

  1. Respect privacy – Avoid accessing, modifying, or deleting user data.

  2. Do no harm – Do not disrupt services, degrade performance, or compromise availability.

  3. No financial threats – Do not attempt to extort or demand payment for disclosures.

  4. Limit exploitation – Only use methods necessary to demonstrate the vulnerability.

  5. Report promptly – Share your findings with us as soon as possible.
Prohibited activities include:

  • Distributed Denial of Service (DDoS) attacks.

  • Social engineering (phishing, vishing, etc.).

  • Physical security attacks against Nift offices, employees, or contractors.

5. How to Report

Please submit vulnerability reports to: security@gonift.com

Your report should include:

  • A detailed description of the vulnerability.

  • Steps to reproduce the issue.

  • The potential impact.

  • Any suggested remediation (optional).

6. Response Process

  1. Acknowledgment – We will confirm receipt of your report within 5 business days.

  2. Assessment – Our security team will investigate, validate, and prioritize the issue.

  3. Remediation – We will work to fix the vulnerability as quickly as possible.

7. Safe Harbor

Activities conducted in accordance with this Policy will be considered:

  • Authorized under the Computer Fraud and Abuse Act (CFAA).

  • Exempt from Nift’s terms of service restrictions.

  • Not triggering legal action from Nift if performed responsibly.

8. Changes to Policy

Nift may update this Policy at any time. Researchers are encouraged to review the Policy periodically.

Our Happiness Guarantee

We’re committed to making sure you love your experience — if something’s not right, we’ll make it right. It’s our promise.

 Consumer FAQ

Find helpful information in our frequently asked questions.

Login

Consumers

my gifts

Business

dashboards