Privacy
Policy.
Who We Are
XC0MRADE Technologies Private Limited (CIN: U62099BR2025PTC079540), registered in Bihar, India, operates the vulnerability marketplace platform accessible at https://xcomrade.tech. We connect Security Researchers with Organizations to find and fix security vulnerabilities through structured programs.
Our Commitment
1. Data Collection
1.1 Account Registration
We collect name or handle, email address, password (hashed), and chosen role (Researcher or Organization).
Authentication and role-appropriate access.
1.2 Profile & Onboarding
Researchers provide bio, skills, and avatar. Organizations provide company name and industry.
Skill matching and reputation tracking.
1.3 KYC Verification Data
Required for monetary Rewards. Includes government ID (Aadhaar, Passport), address proof, and PAN.
Mandatory under PMLA 2002 and RBI guidelines.
1.4 Vulnerability Reports
Includes titles, severity, reproduction steps, and Sketches (JSON/PNG artifacts).
To facilitate disclosure and transfer findings to customers.
Retention Schedule
| Type | Period | Legal Basis |
|---|---|---|
| KYC Documents | 5 years min | PMLA 2002 |
| Financial Records | 7 years | Income Tax 1961 |
| IT Logs | 180 days | CERT-In 2022 |
| Accepted Reports | 5 years | Contractual |
9. Grievance Officer
Appointed Officer
Vivek Singh — Founder
Primary Email
grievance@xcomrade.tech
Resolution Timeframe
7 Business Days