Terms of Service Privacy policy Data Processing Addendum API Terms Platform Client Terms Additional Services Terms GDPR Compliance Page Integration Partner Terms Responsible Disclosure Policy

Responsible Disclosure Policy

Last updated: December 5, 2025

At Tremendous, we prioritize the security and privacy of our users and their data. We take all potential security issues seriously and are committed to addressing them promptly. If you believe you have discovered a vulnerability in our platform, we encourage you to report it to us responsibly.

Reporting a Vulnerability

To report a security vulnerability, please submit it through our Vulnerability Disclosure Program on Intigriti:

https://app.intigriti.com/company/programs/tremendous/tremendous-vdp/detail

The program page contains complete details on scope, rules of engagement, and out-of-scope items.

Requesting a copy of our SOC 2 report

Please email your customer success manager, or clients@tremendous.com if you do not have one.

Safe Harbor

To encourage responsible vulnerability disclosure and protect researchers, Tremendous follows these guidelines:

We will not take legal action against researchers who report vulnerabilities in good faith
We will not suspend or terminate access to our services for researchers who comply with this policy
We will work with researchers to understand and resolve the issue promptly

Questions

If you have any questions about this policy, please get in touch with us at security@tremendous.com.

Thank you for helping us keep Tremendous secure!