Responsible Disclosure

Zivame’s responsible disclosure policy

How to report an issue?

If you happen to have identified a vulnerability on any of our properties, we request you to follow the steps outlined below:

• Please contact us immediately by sending an email to security@zivame.com with the necessary details to recreate the vulnerability scenario. This may include screenshots, videos or simple text instructions.
• Please share with us your contact details (email, phone number), so that our security team can reach out to you for further inputs to quickly identify and close the problem.
• Please do not take advantage of the vulnerability or problem you have discovered, for example by downloading more data than necessary to demonstrate the vulnerability or deleting or modifying other people's data. This is necessary for us to consider your disclosure as a responsible one. While we appreciate your inputs, we may take legal recourse if the identified vulnerabilities are exploited for unlawful gains or getting access to restricted customer or system information or impairing our systems.
• Please do not reveal the problem to others until it has been resolved. Please give us reasonable time to appropriately fix the problem before making such information public. Our team will work with you to estimate and commit to such a time frame.

Acknowledgements