VINILLE
Responsible disclosure policy
In this policy, references to "VINILLE","us", "we" and "our" mean VINILLE GmbH,
a company incorporated and registered in Germany, with registered company number HRB 21417 and with a registered address at:
Lütge Heide 14, 44894 Bochum, Germany and the Headquatered
Main Office at:
Kienberger Allee 4, 12529 Schönefeld, Germany
Values
VINILLE takes the protection and privacy of our customers' data very seriously, and it is our highest priority. We, therefore, take the security of our systems extremely seriously, and we genuinely value the assistance of the security community in assisting us to keep all of our systems safe and secure. We therefore operate a responsible disclosure policy to allow you to quickly and effectively raise security concerns with the person who can address them.
Policy
If you believe you have identified a vulnerability, please read through the submission terms below and contact us. The terms below apply to any website, application or service distributed by or hosted by VINILLE, or served under a domain owned by VINILLE.
You can use our email address to alert us to:
Responsibilities
We ask that you act responsibly and in the best interests of VINILLE and our customers at all times.
It is essential that your communication is a responsible disclosure, and not seen as an attack or extortion. Following the guidelines we have provided will help to ensure that. We act decisively on attacks and extortion attempts, including reporting them to the relevant authorities.
Disclosure
If you believe you've found a security vulnerability in one of our products or platforms, please report it by emailing our security team. By emailing or providing a disclosure to us, you agree to our Terms and Conditions and that we can use your submission and its contents to ensure the security, integrity and reliable operation of our technology and business.
Your submission should contain:
Response
Commitment
We ask that you do not share or publicise an unresolved vulnerability with/to third parties. If you responsibly submit a vulnerability report, we will make reasonable efforts to respond quickly.
Recognition
We do not offer any financial rewards for submissions, but we are happy to thank every individual researcher who submits a vulnerability report that helps us improve our overall security.
We will not name anyone without their prior consent.
We are actively working to put a bug bounty program in place which will facilitate and regulate financial rewards for disclosures, but at this time, we cannot provide any monetary rewards.
Submit a disclosure
Anyone can report an information security issue using our dedicated email address: disclosure (@) vinille. eu
Submit a disclosure |