RESPONSIBLE DISCLOSURE POLICY

The security of users’ data is always our top priority. If you have discovered security vulnerability anywhere in our services, we greatly appreciate your cooperation in disclosing it to us in a responsible matter, following the guidelines set out in this Policy.

We commit to acknowledge, validate, and fix vulnerabilities in the timeliest matter possible. We will not take legal action against or suspend access to our services for any party that has responsibly disclosed vulnerabilities discovered.

We would like to give property credit to the people who help us improve our services and protect the PremiumSide Hosting community. If you discover a valid significant vulnerability and report it in accordance with this Policy, we will add your name to our Honor Roll. If you wish to keep your disclosure confidential, just let us know and we would never reveal your identity. Incase the same vulnerability is reported by several parties before it is fixed. the acknowledgement will go to the first one to report the issue.

RULES

  • If you believe you have found a vulnerability, do not share details about it with any third parties or the general public before it has been fixed;
  • You can only conduct testing on accounts that you own or have permission from the owner to test on;
  • Do not try to gain control of another user’s account or data;
  • SPAM and DDoS attacks are never permitted;
  • Do not use automated tools to find vulnerabilities;
  • Automated/manual password guessing (also known as “bruteforce attack”) against login forms is not permitted;
  • never use non-technical methods such as phishing and / or social engineering against employees or customers of PremiumSide Hosting;
  • Physical attacks against equipment, infrastructure, offices, and / or employees of PremiumSide Hosting and / or our partners are strictly forbidden.

HOW TO REPORT

Send us an email at [email protected] with the details of the vulnerability you have discovered. Please make sure to include the following:

  • As much details as possible about the nature of the vulnerability so as to allow us to reproduce your steps;
  • Your e-mail address;
  • Name and a link to your social media profile as you would like them to appear on this page.