WE PRIORITISE PRIVACY

Vulnerability Disclosure

At Simpel, keeping our customers’ data safe is a top priority. We work hard to secure our systems, but we know that no technology is perfect. If you find a weakness, we’d like to know so we can fix it quickly.

How to Report a Security Issue

If you’ve discovered a potential security vulnerability in our systems, please let us know:

Email: [email protected]

Raise a support ticket

When you contact us, please include:

  • A clear description of the issue.
  • Steps to reproduce it (with proof of concept if possible).
  • Any potential impact you’ve identified.

What You Can Expect From Us

  • We’ll acknowledge your report within 5 business days.
  • We’ll investigate and, if confirmed, fix the issue as quickly as we can.
  • We’ll keep you updated on our progress.
  • If you’d like, we’ll recognise your contribution once the issue is resolved.

Play Fair

We ask that you:

  • Don’t access, modify or delete data that isn’t yours.
  • Avoid disrupting our services.
  • Give us reasonable time to fix the issue before making it public.
  • Follow Australian law when conducting your research.

Safe Harbour

If you follow these guidelines, we won’t take legal action against you. We see security researchers as important partners in helping us protect our community.

Out of Scope

For clarity, the following are not covered by this policy:

  • Denial of service (DoS/DDoS) testing
  • Spam or phishing campaigns
  • Social engineering of our staff or customers
  • Physical attacks on facilities or equipment
  • Automated scans without evidence of a real issue
Vulnerability Disclosure

Want more info?

Speak with our team and find your answers faster
Request a call back