RechargePower LLC (hereinafter "the Company") provides a reporting channel to enable security researchers and other parties to conduct investigations with confidence, in order to ensure the safety of its services and maintain a sound information security environment.
Scope
This Policy applies to the products and services provided by the Company.
For certain customers or services, separate restrictions may apply as agreed upon with the customer's approval.
How to Report
Please send your report with the required information to the email address below:
security.rpj@rechargepower.co.jp
Required information:
-
Reporter information (name and email address)
-
Type of vulnerability
-
Steps to reproduce the vulnerability
-
Name and URL of the affected service
Privacy Policy
Information submitted in reports will be handled in accordance with the Company's Privacy Policy. Please refer to the following page for details:
→ Privacy Policy
Company's Initial Response
Upon receiving a vulnerability report, the Company will respond according to the following process:
-
Acknowledgment: The Company will send an acknowledgment of receipt within 3 business days of receiving the report.
-
Investigation and Assessment: The Company will review the reported content and conduct an assessment of the vulnerability and its associated risk. If additional information is required, the Company will contact the reporter.
-
Remediation: If a vulnerability is confirmed, the Company will implement remediation measures according to the level of urgency. The reporter will be notified upon completion of the fix.
-
Disclosure: Where appropriate, the Company will publicly disclose information about the vulnerability. The reporter will be notified in advance of any such disclosure.
When providing a solution, the Company's basic expectation is that the reporter will submit a detailed report of the solution. Even after resolution, the Company will continue to manage the matter to maintain the safety of its services.
Disclaimer
-
Persons who conduct investigations and submit reports in accordance with this Policy will not be treated by the Company as having violated the Company's Terms of Use or the Unauthorized Computer Access Law.
-
The Company explicitly prohibits the taking of legal action against persons who act in good faith within the scope of this Policy.
-
Even when acting in accordance with this Policy, acts that infringe upon the intellectual property rights or other rights of third parties are not covered by the protections described herein.
-
With respect to reports assessed by the Company and legal third parties, the Company will respond in good faith.
Amendments to this Policy
The Company may change the content of this Policy without prior notice; however, any changes will be published immediately on the Company's website.
Established: June 12, 2026
