Effective Date: July 12, 2023

We prioritize the safety and security of our systems, but despite our best efforts, vulnerabilities may still exist. If you have discovered a vulnerability, we appreciate your cooperation in promptly reporting it to us. By following the guidelines outlined below, you can help us address the issue and better protect our customers and systems.

Reporting Instructions:

  1. Email your findings to support@shopctrl.com.
  2. Please refrain from exploiting the vulnerability or issue you have discovered. Avoid actions such as downloading excessive data to demonstrate the vulnerability or modifying or deleting others’ data.
  3. Do not disclose the problem to anyone else until it has been resolved.
  4. Do not attempt physical security attacks, engage in social engineering, use distributed denial of service, spam, or third-party applications.
  5. Provide sufficient information to replicate the problem. Typically, the IP address or URL of the affected system and a comprehensive vulnerability description are adequate. However, for complex vulnerabilities, additional details may be necessary.

Our Commitment to You:

  1. We will acknowledge receipt of your report within 3 working days and provide an initial assessment of the issue, along with an estimated timeframe for a solution.
  2. If you adhere to the above instructions, we will not pursue any legal actions against you concerning your disclosure.
  3. Your report will be handled with strict confidentiality. We will not disclose your personal information to any third parties without your explicit consent.
  4. We will keep you informed about the progress made in resolving the reported issue.
  5. In the public information regarding the resolved problem, we will credit you as the discoverer, unless you prefer otherwise.

We strive to resolve all vulnerabilities promptly and aim to play an active role in any future publication related to the issue, once it has been addressed.

Thank you for your assistance in maintaining the security of our systems. Your contribution is invaluable in our continuous efforts to enhance our security measures.