Connections

Security Policy

Your security is of utmost importance to us at Connections. We are continuously working to protect our applications, our network, and, most importantly, the personal data and privacy of our users. This Security Policy outlines how you can report issues and what we do to maintain a secure platform.

User Safety and Reporting

If you encounter any problems with your account security or notice suspicious behavior from another user (for example, someone is attempting to phish your information or you suspect an account has been compromised), please let us know right away. You can contact us at connections@dating-universe.com for any security-related concerns, or use the in-app reporting tools for user-related issues. Our support team will respond as promptly as possible.

For general support or to report content or profiles that violate our policies (but are not necessarily technical security issues), you can also reach out through our Support page or use the "Report" feature within the app on the relevant profile or chat.

Our Commitment to Application Security

Connections considers the security of our platform and the privacy of user data to be extremely important. We have implemented industry-standard measures and continue to update our practices to address the evolving landscape of cyber threats. However, no system is infallible, so we also rely on the goodwill and vigilance of the security community to help us fortify our defenses.

Key aspects of our security approach include:

  • Data Encryption: We use encryption protocols (such as HTTPS with TLS) to protect data in transit between your device and our servers. Sensitive information like passwords is stored in hashed or encrypted form in our database.
  • Secure Infrastructure: Our servers are hosted in secure environments with strong firewall and intrusion detection systems. We regularly update our software and systems to patch vulnerabilities.
  • Access Controls: Internally, we limit access to production systems and user data to authorized personnel only, and only as necessary for them to perform their job duties. We maintain strict access logs and employ multi-factor authentication for administrative access.
  • Monitoring and Auditing: Our technical team monitors for unusual activities or potential attacks. We use automated tools as well as manual reviews to catch anomalies. Regular security audits and penetration tests are conducted to assess our systems.
  • Incident Response: In the unlikely event of a data breach or security incident, we have an incident response plan in place. Users will be notified, and we will take immediate action to mitigate the issue and prevent future occurrences, in compliance with applicable laws and regulations.

Reporting Security Vulnerabilities (Vulnerability Disclosure Program)

We greatly appreciate the contributions of independent security researchers and our user community who help us identify and fix security vulnerabilities. If you discover a potential security vulnerability or flaw in any of Connections's applications, systems, or websites, we encourage you to report it to us in a responsible manner.

Please email details of the suspected vulnerability to connections@dating-universe.com with the subject line "Security Vulnerability Report". In your report, include:

  • A description of the issue and its potential impact.
  • Detailed steps to reproduce the issue (proof of concept code or screenshots are welcome, if applicable).
  • The date and time when you discovered the issue.
  • Your contact information (especially if you are open to us reaching out for further clarification).

Our security team pledges to review your report promptly. We ask that you give us a reasonable opportunity to investigate and address the vulnerability before you share any information publicly. Responsible disclosure means you avoid disclosing the issue to others or exploiting it yourself. This protects our users and gives us a chance to fix things. We are committed to transparency and, after a fix or mitigation is in place, we can coordinate with you to publicly acknowledge the discovery if you desire credit.

To protect our users and services, we prohibit certain types of testing. Please do not engage in activities that could harm the experience or safety of our users, such as:

  • No testing that degrades our service (e.g., no Denial of Service (DoS) attacks or deliberate attempts to crash the service).
  • No use of automated scanners or tools that generate significant traffic or could access user data. These can be indistinguishable from malicious attacks and may trigger our defenses.
  • Do not access or modify data that is not your own. If a vulnerability provides unintended access to data, report the situation without interacting further with that data.
  • Avoid privacy violations, destruction of data, and interruption or degradation of our services.

We also kindly request that you do not publicly disclose the details of any potential security issue until we have had a chance to fix it. Premature disclosure could put users at risk. We believe in a collaborative approach - we will keep you informed about the fix progress and, if you're interested, involve you in any public announcement or credit for the discovery.

Recognition

We are grateful for those who help improve our security. While we do not have a formal bug bounty program with monetary rewards at this time, we do maintain a Hall of Fame to acknowledge researchers who have contributed valuable reports. If you report a valid significant security issue, with your permission we can add your name or alias to our Security Acknowledgements page as a thank you. In some cases, we may offer other tokens of appreciation, like swag or premium features, though these are at our discretion.

Legal Safe Harbor

We want researchers to feel comfortable reporting bugs to us. As long as your research and report is made in good faith and in accordance with this policy, we will consider it authorized conduct and we will not initiate legal action against you. We will work with you to understand and resolve the issue quickly, and Connections will not pursue or support any legal action related to your research. (This assurance does not apply to malicious or non-compliant activities beyond the scope of responsible testing.)

Continuous Improvement

Security is not a one-time effort. It's an ongoing process. Connections is committed to continuously improving our security measures. We stay updated on emerging threats, invest in new security technologies, and train our staff on security best practices. We also value your feedback - if you have suggestions or questions about our security measures, feel free to reach out.

Thank you for helping keep Connections safe. Together with our users and the security community, we aim to provide not just a fun and engaging platform, but also a secure and trustworthy space for everyone.

Company

  • Jobs
  • Contact

Community

  • Blog
  • Press
  • Support

Legal

  • Privacy
  • Cookie Policy
  • Terms of Service
  • Delete Account
  • Intellectual Property

Safety

  • Safety Tips
  • Community Guidelines
  • Security

Social

Copyright © All rights reserved | Made with by Team @Connections

Available
on App Store

Available
on Play Store