At DIDASHIVA, we take the security of our systems and data privacy very seriously, and it is our constant endeavour to make our website a safe place for our customers to browse. However, in the rare case when some security researcher or member of the general public identifies a vulnerability in our systems, and responsibly shares the details of it with us, we appreciate their contribution, work closely with them to address such issues with urgency, and if they want, we are happy to publicly acknowledge their contribution.


How to report an issue?

If you happen to have identified a vulnerability on any of our web properties, we request you to follow the steps outlined below:

1. Please contact us immediately by sending an email to contact@didashiva.com with the necessary details to recreate the vulnerability scenario. This may include screenshots, videos or simple text instructions.

2. If possible, share with us your contact details (email, phone number), so that our security team can reach out to you if further inputs are needed to identify or close the problem.

3. Do not take advantage of the vulnerability or problem you have discovered, for example by downloading more data than necessary to demonstrate the vulnerability or deleting or modifying other people's data

4. Do not reveal the problem to others until it has been resolved

5. Do not use attacks on physical security, social engineering, distributed denial of service, spam, etc



Acknowledgements

We do not have a bounty/cash reward program for such disclosures, but we express our gratitude for your contribution in different ways. For genuine ethical disclosures, we would be glad to publicly acknowledge your contribution in this section on our website. Of course, this will be done if you want a public acknowledgement.