Disclosure Policy

Name of the company

Is very well concerned about the customers privacy, ergo, we take its security very seriously.

We recognize and respect the role that security researchers and ethical hackers undertake in keeping the internet secure. As a result, we applaud their diligent work in not just finding possible flaws but also responsibly identifying them. It is strongly advised to read the Responsible Disclosure Policy before reporting a problem with any of the applications provided by us. It is guaranteed that (company) would never take legal action against its users reporting their issues until all these guidelines are being obeyed.

Who can participate in the program?

Anybody who does not work with (company's name) or its partners are capable of participating. Provided that, in a case of a particular security vulnerability, they should report it to the company and not to a third party until the problem has been fixed.

Responsible Disclosure policy:

  • Issue should be directly reported to us at (email id). Ensure no details have been disclosed to any outsider.
  • Response would be quick; at maximum, it might take 24-48 hours.
  • Please don’t announce the problem publicly until it has been resolved.
  • Always behave reasonably with our customers' data during its disclosure to keeping their security in mind. If your behavior is appropriate, we will never take any legal actions towards you or your account.
  • Always try to prevent privacy breaches, user interface degradation, and data loss during security testing. It includes brute force, Spamming, DoS, Social Engineering, and Scraping, among others.

Scope

  • Each subdomain consists of (company.com)
  • Company’s mobile apps for both iOS and android

Our responsibility

The issue will be acknowledged by us within 24-48 hours of receiving the information from your end. The situation will be evaluated by us, and then we'll give you an approximate timing for fixing the identified vulnerability. You'll be contacted by us once the issue has been resolved. Lastly, we want to thank you for assisting us in keeping consumer data and facilities safe by reporting and helping us.

Legal terms

If you’re participating in our Responsible Disclosure program, it is assumed that you’ve carefully read, understood, and agreed to our Company’s Terms of Service and the points mentioned below:

  • Inclusion in the Program does not infringe on the laws that apply to you, nor will it compromise any data that is not your own.
  • Entire responsibility for all the related taxes resulting from your involvement in the Program, and any reward payments made in the future is your own.
  • Company retains the freedom to discontinue the program depending upon its convenience.