Legal

Responsible disclosure

Reporting a vulnerability.

If you discover a security issue in our platform, please email security@madeby1891.com. We acknowledge within 1 business day and provide a response within 5 business days.

Safe harbor.

We will not pursue legal action against researchers who:

Test only on accounts you own, or accounts the agency has authorized for testing.
Do not access, modify, or destroy data belonging to other customers.
Do not perform denial-of-service testing against production.
Do not disclose the issue publicly before we've had reasonable time to fix it (90 days is typical; we'll work with you if the issue is more complex).
Make a good-faith effort to follow this policy.

What's in scope.

Any production system at madeby1891.com/interpreter, 1891interpreter.app (when live), or any tenant subdomain.

What's out of scope.

Social engineering of our team or customers.
Physical attacks.
Spam, automated scans without prior coordination.
Issues already publicly known or in active remediation (we'll tell you if you find one of these).

What we'll do.

Acknowledge within 1 business day. Triage within 5. Communicate the fix timeline. Credit you publicly (with your permission) when the issue is closed. We do not run a paid bug-bounty at this stage; we will offer a thank-you in writing and on the security page.

Last updated: 2026-05-17. Questions: hello@madeby1891.com.