Axis logo
Apply

Responsible Disclosure Policy

Last updated: September 4, 2025

1. Our Commitment & Safe Harbor

AxisPay is committed to the security of our products and the protection of our customers' data. We value the work of independent security researchers and believe that a strong partnership with the community is essential for our mutual safety. This policy outlines how to report vulnerabilities, what to expect from us, and our safe harbor promise.

This policy applies to services provided by Axisco Limited (trading as AxisPay) and its subsidiary, Axis Systems Limited.

Safe Harbor

When conducting vulnerability research under this policy, we consider your work to be authorized. We will not initiate legal action against you for accidental, good-faith violations of this policy. We waive any claims against you for circumventing our security controls, as long as you avoid privacy violations, service degradation, and data destruction.

2. Scope

In Scope

  • This marketing site and all its subpages
  • AxisPay Portal: dashboard.axispay.tech
  • AxisVoice: axisvoice.com
  • AxisPass: axispass.app

Out of Scope

  • Third-party services we do not operate
  • Social engineering, phishing, or physical attacks
  • Denial-of-Service (DoS) or resource-exhaustion attacks
  • Automated scanning that impacts service availability

3. How to Report

If you believe you have discovered a vulnerability, please email us at security@axispay.tech. Include a detailed description, steps to reproduce, and any proof-of-concept code. We will acknowledge receipt of your report within 2 business days.

4. Our Process & Recognition

We follow a structured process to ensure all reports are handled consistently and efficiently:

  1. Report: We acknowledge receipt within 2 business days.
  2. Triage: We validate and assess the severity within 7 business days.
  3. Remediate: We develop and deploy a fix. The timeline varies by complexity.
  4. Recognize: With your permission, we credit you in our Hall of Fame.

We do not currently offer a bug bounty program. However, we are grateful to researchers who submit valid reports and help us improve our security. We may offer non-monetary recognition at our discretion for significant findings.

5. Security Hall of Fame

We thank the following individuals and organizations for their contributions to the security of AxisPay.

No submissions have been recognized yet. Be the first!

6. Contact Us

For security-related inquiries, please use the reporting email above. For general questions, please contact us by email at support@axispay.tech or write to us at our registered office:

Axis Systems Limited
Barnacoille, Kilmacanogue
Co. Wicklow, A98H009
Ireland

Company No. 719359 • VAT IE4394050GH • DUNS 986119356 • Registered in Ireland, 2022.