1. Introduction
At Digival Solutions, we are committed to ensuring the security of our systems, applications, and user data. We welcome security researchers and users to responsibly disclose any vulnerabilities they discover.
2. Reporting a Vulnerability
If you identify a potential security vulnerability, please report it to us at:
Email: securityadmin@digivalsolutions.com
Please include:
- A clear description of the vulnerability
- Steps to reproduce the issue
- Affected URL(s) or system(s)
- Potential impact
- Supporting materials (screenshots, logs, proof of concept)
3. Our Commitment
We commit to:
- Acknowledge receipt of your report within 2–3 business days
- Investigate and validate the issue promptly
- Take appropriate remediation actions
- Keep you informed about the status of your report
4. Scope
This policy applies to:
- Public-facing websites and web applications
- APIs and backend services
- Mobile applications (Android and iOS)
Out of scope:
- Social engineering attacks (e.g., phishing)
- Physical security attacks
- Denial of Service (DoS/DDoS) testing
- Issues requiring excessive automated scanning
5. Responsible Disclosure Guidelines
We request that you:
- Act in good faith and avoid privacy violations
- Do not exploit vulnerabilities beyond what is necessary to demonstrate the issue
- Do not access, modify, or delete data belonging to others
- Do not disrupt or degrade our services
- Give us reasonable time to fix the issue before public disclosure
6. Safe Harbor
We will not initiate legal action against individuals who:
- Follow this policy in good faith
- Do not exploit vulnerabilities for malicious purposes
- Respect user privacy and data protection
7. Recognition (Optional)
We may acknowledge and thank researchers for valid reports, subject to internal policies.
8. Updates
We may update this policy from time to time. Please refer to this page for the latest version.
9. Contact
For any security-related concerns, please contact us at:
