Let's Do This Bug Bounty Policy

Let's Do This considers privacy and security to be core functions of our platform. Earning and keeping the trust of our users is our top priority, so we hold ourselves to the highest privacy and security standards.

If you have discovered a security issue that you believe we should know about, we would love to work with you. Please let us know about it and we'll make every effort to quickly correct the issue.



Only perform testing against our web staging environment at staging.letsdothis.com.

Do not perform any testing against our production site at www.letsdothis.com or our downloadable apps.

Eligible Systems

We currently only accept bugs within our customer facing products - the website (staging.letsdothis.com) and any APIs it or our apps use (i.e. graphql.staging.letsdothis.com).

Disclosure guidelines

Do not disclose any issues to the public or to any third party without our express permission. If you have questions, please ask us!