At Bitz ‘n’ PC’z Ltd, we take the security of our website and systems seriously. We believe in the importance of maintaining a strong and secure online presence and we appreciate the efforts of security researchers and individuals who assist us in achieving this goal. We encourage responsible disclosure of any security vulnerabilities you may discover on our website.
If you believe you have identified a security vulnerability on our website, we request that you adhere to the following guidelines:
- Do not engage in any illegal activities: Ensure that your actions comply with all applicable laws and regulations.
- Act in good faith: Make a reasonable effort to avoid privacy violations, disruption of services, or unauthorised access to or destruction of data.
- Do not disclose vulnerabilities publicly: Do not share any information about potential vulnerabilities publicly until we have had a reasonable time to investigate and address the issue.
- Promptly report the vulnerability: Please report any potential vulnerabilities to us as soon as possible. You can submit your findings by submitting the form below. Please provide a detailed description of the vulnerability, including any steps required to reproduce it and any relevant information that could help us understand and address the issue.
- Provide necessary information: When reporting a vulnerability, please include your name (or preferred alias) and contact information. If you would like recognition for your findings, let us know and we will acknowledge your contribution if appropriate.
- Keep the details confidential: We ask that you keep the details of any discovered vulnerabilities confidential until we have had an opportunity to investigate and address the issue.
- Cooperate with us: We request that you work with us in a collaborative and responsible manner to validate and address the reported vulnerability. This may include responding to requests for additional information or assisting us in reproducing the issue.
- Responsible disclosure timeframe: We commit to acknowledging the receipt of your report within three business days and will provide periodic updates on the progress towards addressing the vulnerability. We aim to resolve critical issues as quickly as possible and will make reasonable efforts to fix other non-critical vulnerabilities in a timely manner.
- No monetary compensation: As a responsible organisation, we do not offer monetary rewards or bounties for vulnerability disclosures. However, we genuinely appreciate your assistance and will consider other forms of recognition or thanks if appropriate.
Please note that this policy does not grant permission to perform any testing or actions that may harm our website or systems. Any unauthorised actions that cause harm or disruption to our services may result in legal consequences.
Thank you for taking the time to read and understand our Vulnerability Disclosure Policy. We greatly value your efforts in helping us maintain a secure environment for all our users.