We take security seriously. If you've found a vulnerability in Revolink, we want to hear from you - and we'll work with you to resolve it quickly.
We welcome reports of the following vulnerability types:
Reflected, stored, or DOM-based XSS that could affect users.
Any injection that allows unauthorized database access.
Flaws that allow access without valid credentials.
Unintended access to user data, API keys, or private information.
Privilege escalation or unauthorized actions between accounts.
Please send a detailed report to our security team. Include reproduction steps, impact assessment, and any supporting evidence.
Email a description of the vulnerability to security@revolink.link
Include steps to reproduce and a proof-of-concept if possible
We will acknowledge your report within 48 hours
We aim to resolve critical issues within 7 days
We will confirm receipt of your report within two business days.
We will assess severity and communicate our remediation timeline.
We will not pursue legal action against researchers acting in good faith under this policy.
With your permission, we will publicly credit you for responsible disclosure.
All traffic between your browser and Revolink is encrypted in transit using TLS 1.3.
Passwords are never stored in plain text - they are hashed using bcrypt.
We never store credit card data. Payments are processed by Creem.
We follow GDPR principles: data minimization, user rights, and transparent processing.
Stop sending everyone to the same page. Route by location, device, and time - free forever on the free plan, no credit card required.
Start for Free - No Card RequiredFree plan · No credit card · Cancel anytime