Report Security Issues
Last Updated: July 2026
At opeay, we take the security of our website, customers and systems seriously. This page explains how security researchers, customers and other users can responsibly report a suspected vulnerability or security issue involving https://opeay.store/.
1. How to Report a Security Issue
If you discover or suspect a security vulnerability, please contact us as soon as possible at:
Security Contact Email: info@opeay.store
Subject Line: Security Vulnerability Report
Support Phone: +1 (323) 955-1401
Email is the preferred method for reporting security issues because it allows you to include technical details and supporting information.
2. Information to Include
To help us investigate the issue efficiently, please include as much of the following information as possible:
- A clear description of the suspected vulnerability.
- The affected page, URL, feature or system.
- The date and approximate time the issue was discovered.
- Steps that allow us to reproduce the issue.
- The browser, operating system or device used.
- Screenshots, logs or error messages where appropriate.
- The potential impact of the vulnerability.
- Your contact information for follow-up questions.
Please remove or redact unnecessary personal, payment or confidential information before sending your report.
3. Responsible Disclosure
We ask anyone investigating a suspected security issue to act responsibly and in good faith.
Please:
- Report the issue directly to us before publicly disclosing it.
- Allow us a reasonable amount of time to investigate and address it.
- Avoid accessing, changing, deleting or copying customer information.
- Avoid disrupting our website, checkout or business operations.
- Use only the minimum testing necessary to confirm the issue.
- Comply with all applicable laws and regulations.
4. Prohibited Security Testing
The following activities are not authorized:
- Denial-of-service or distributed denial-of-service testing.
- High-volume automated scanning that disrupts the website.
- Social engineering, phishing or impersonation.
- Attempting to access customer or employee accounts.
- Downloading, changing or deleting personal information.
- Installing malware or harmful code.
- Testing third-party systems without their authorization.
- Attempting to gain physical access to offices or equipment.
- Fraudulent transactions or unauthorized payment testing.
5. Customer Account Security
If you believe your customer account, order or payment information may have been compromised, contact us immediately.
You should also:
- Change your account password.
- Avoid reusing the same password on other websites.
- Review your recent orders and account information.
- Contact your bank or payment provider regarding suspicious charges.
- Do not share one-time codes, passwords or card security codes.
6. Suspicious Emails and Messages
If you receive a suspicious email, text message or social-media message claiming to represent opeay, do not click unknown links or provide passwords, payment details or verification codes.
Forward or report the suspicious communication to info@opeay.store.
7. Payment Security
Payments on our website are processed through Shopify and authorized third-party payment providers.
opeay will not ask you to send your full card number, payment security code or online-banking password by email, telephone or social media.
8. Third-Party Services
Our website uses services provided by third parties, including Shopify and payment processors.
A vulnerability that affects only a third-party service may need to be reported directly to that service provider. You may still inform us when you believe the issue affects your use of opeay.store.
9. Our Response Process
After receiving a security report, we may:
- Acknowledge receipt of the report.
- Request additional technical information.
- Investigate and attempt to reproduce the issue.
- Work with Shopify or another service provider where necessary.
- Take reasonable action to reduce or correct the risk.
- Notify affected users or authorities where legally required.
Response and resolution times depend on the seriousness, complexity and scope of the reported issue.
10. No Bug-Bounty Commitment
Unless we have expressly agreed otherwise in writing, opeay does not currently operate a formal bug-bounty or paid vulnerability-reward program.
Submitting a report does not create a right to payment, compensation, employment or other reward.
11. Confidentiality
We ask that reporters keep vulnerability details confidential until we have had a reasonable opportunity to investigate and address the issue.
We will handle reports carefully, but we cannot guarantee that every report or communication will remain confidential where disclosure is required by law or necessary to address the issue.
12. Personal Information in Reports
Personal information submitted in a security report will be used to investigate, respond to and document the reported issue.
For more information about how we handle personal information, please review our Privacy Policy.
13. Good-Faith Reports
We appreciate good-faith reports that help protect our customers and website.
However, this policy does not authorize unlawful conduct, access to data belonging to another person or testing that causes damage, interruption or financial loss.
14. Changes to This Policy
We may update this security-reporting policy to reflect changes in our technology, services, security procedures or legal obligations.
Updated versions will be published on this page with a revised “Last Updated” date.
15. Contact Information
opeay, LLC
Company Number: 10383730
1111B South Governors Avenue, STE 48083
Dover, Delaware 19904
United States
Email: info@opeay.store
Phone: +1 (323) 955-1401
Business Hours: Monday through Sunday
Website: https://opeay.store/