Responsible Disclosure Policy – Peak AI
Last Updated: September 13, 2021
Peak prides itself in appreciation for good security and protection. If you believe you’ve found a security vulnerability in the Peak website or service, let us know and we will work with you to resolve the issue.
This policy has been produced to follow common vulnerability disclosure best practices. It does not provide permission to conduct any unlawful activities or activities that may result in Peak or partner organisations to act unlawfully.
This policy applies to the Peak Website hosted at peak.ai and Peak platform hosted at codi.peak.ai and all subdomains or related services therein.
Peak AI Limited does not run a bug bounty program. Peak respects and values members of the public who make the time and take the effort to report security vulnerabilities according to this policy. However, we do not offer monetary rewards for vulnerability disclosures.
If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at firstname.lastname@example.org.
Please provide us with a reasonable amount of time to resolve the issue as well as information that we may require to replicate and resolve the issue.
Any users believed to be engaging in excluded activities will have their user credentials immediately deactivated.
While researching, we’d like you to refrain from:
- Any unlawful activity including local, international, data protection and privacy laws
- Accessing unnecessary or excessive amounts of data
- Modifying data in the Peak systems or services
- Failing to properly secure data retrieved from Peak systems or services
- Sharing data retrieved from Peak systems or services
- Denial-of-Service (DoS)
- Social engineering or phishing of Peak employees, contractors or customers
- Any attacks against Peak’s physical property
- Utilising destructive or unnecessarily invasive scanning tools to find vulnerabilities
Peak is always open to feedback, questions, and suggestions. If you would like to talk to us, please feel free to get in touch at email@example.com.