Legal Policy

Security Vulnerability Notice

Last Modified: 22 February, 2024

Statement

Thinkogic is dedicated to delivering a safe and dependable environment for our users, clients, and partners. We value and promote the responsible disclosure of any security vulnerabilities that might endanger the confidentiality, integrity, or availability of our website, services, products, or other offerings.

Scope

The Security Vulnerability Notice Policy applies to all Thinkogic websites, online applications, software products, services, and other offerings.

Process for Notifying Vulnerability Disclosures

How to notify Thinkogic about a security concern

If you discovered you have identified a security vulnerability, please report it to us in a responsible and coordinated manner. Please follow these steps:

  • Send an email to [email protected] with details about the issue.
  • Include a full description, the time and manner of discovery, the procedures for reproducing the problem, the specification of the system, services, or product where the vulnerability was identified, and any supporting documents (for example, screenshots or proof-of-concept code).
  • Provide Comprehensive details: Include your contact details for further communication and clarification. We appreciate your cooperation and efforts to offer a complete report.

Resolution Process

We will evaluate the reported issues and take all necessary steps and efforts to prevent and/or handle them. The period for resolution will be determined by the complexity of the issue.

Undertakings

By submitting a vulnerability notice, you accept that:

  • Not revealing or communicating the vulnerability to others until it is corrected and before the end of a mutually agreed-upon time term;
  • Not exploiting the vulnerability, changing, downloading, or deleting any records or data, or carrying out any form of attack based on the vulnerability;
  • Obey the rules and regulations applicable to your locality;
  • Comply with appropriate data privacy regulations, especially by not exposing a third party’s data without sufficient legal justification;
  • Confirm that the materials in the notification you are providing do not violate any other party’s intellectual property rights (for example, you did not steal materials from the internet).

By submitting a vulnerability notice to Thinkogic, you grant Thinkogic an irrevocable, global license to use it.

Our Commitment

Thinkogic is committed to:

  1. Timely Response: We will acknowledge receipt of your report within 7 business days and maintain continued communication while we investigate and resolve the issue.
  2. Non-Retaliation: Thinkogic will not take legal action against individuals who disclose security vulnerabilities responsibly.
  3. Recognition: With your permission, we may acknowledge and appreciate individuals who responsibly disclose security vulnerabilities.

Legalities

Thinkogic values the privacy and security of its consumers. We require that security researchers follow all applicable rules and regulations.

Contact Information

Attn: Security Vulnerability
Thinkogic 101,
C Wing, Poonam Valley, Pleasant Park,
Mira Road (E), Thane,
Maharashtra, India – 401107.
Phone: +91 9324448438
Email: security@thinkogic.com