My Profile
Search Icon

🛡️ Vulnerability Disclosure Policy

1. Our Commitment

Promo-Trader.com is committed to protecting the data and privacy of our users. We value the work of security researchers and ethical hackers who help us identify and fix security vulnerabilities in our systems.

This policy is intended to provide clear guidelines for conducting security research and communicating discovered vulnerabilities to us in a safe, legal, and responsible manner.

2. Scope: Where to Look 👀

This policy applies only to the following systems and assets:

🎯 In-Scope Assets

 * Primary Website: https://www.promo-trader.com

 * All subdomains directly controlled by Promo-Trader.com (e.g., blog.promo-trader.com, if applicable).

 * Any public-facing APIs or mobile applications officially published by Promo-Trader.com.

🚫 Out-of-Scope Assets (Do Not Test)

Testing the following systems or vulnerability types is prohibited and will not be considered authorized research:

 * Third-Party Services: Services hosted by external vendors (e.g., payment processors, CRM systems, third-party analytics dashboards, etc.).

 * Social Engineering: Attempts to trick or deceive Promo-Trader.com employees or users (e.g., phishing, vishing).

 * Physical Security: Attempts to gain physical access to any company facilities, hardware, or equipment.

 * Automated/High-Volume Tools: Running high-intensity or destructive automated scanners that could disrupt service.

 * Low-Risk Issues: General best-practice violations that do not demonstrate a direct exploit (e.g., missing HTTP security headers that have no security impact, version disclosure, descriptive error messages).

3. Reporting a Vulnerability

To ensure we can quickly assess and remediate the issue, please submit your findings to our dedicated security contact.

📧 How to Report

Please send a detailed email to our security address:

Email: support@promo-trader.com

✍️ What to Include in Your Report

A high-quality report helps us fix issues faster. Please provide:

 * Vulnerability Description: A brief, clear summary of the vulnerability.

* Location: The specific URL(s) or components affected (e.g., /user/login.php).

 * Steps to Reproduce (PoC): A detailed, step-by-step description of how to recreate the issue, including all necessary code, parameters, or accounts. Screenshots or proof-of-concept scripts are extremely helpful.

 * Impact: Explain what a malicious actor could gain from exploiting this vulnerability.

4. Our Rules of Engagement

Researchers must abide by the following rules when testing our systems:

✅ Authorized Activity

 * Do Not Harm: Make every effort to avoid privacy violations, degradation of user experience, or disruption to production systems.

 * Minimize Scope: Use exploits only to the extent necessary to confirm the vulnerability’s presence.

 * Stop and Report: If you encounter any sensitive data (e.g., user passwords, Personally Identifiable Information (PII), financial information), you must immediately stop your research, notify us, and agree not to retain, disclose, or use that data.

 * Respect Privacy: Only test against accounts you own or have explicit permission to use.

❌ Prohibited Activity

 * Data Compromise: Do not compromise, exfiltrate, delete, alter, or retain any user data.

 * Denial of Service (DoS): Do not engage in any activity that impairs or degrades access to our systems (e.g., DoS, DDoS, resource exhaustion attacks).

 * Malicious Software: Do not introduce any malicious software, viruses, or worms.

5. Our Promise to You (Safe Harbor)

If you make a good faith effort to comply with this policy, Promo-Trader.com commits to:

 * Authorization: We will consider your research to be authorized and will not recommend or pursue legal action against you for activities conducted in compliance with this policy.

 * Communication: We will acknowledge receipt of your report within [2-3] business days.

 * Remediation: We will work to confirm the vulnerability and provide status updates as we track the issue to remediation.

 * Credit: We will gladly offer public recognition (with your permission) on our dedicated Hall of Fame page or similar public post once the vulnerability is successfully resolved.

Disclosure Timeline

We require researchers to keep vulnerability details confidential until we have had a reasonable amount of time to remediate the issue (typically 90 days from initial acknowledgment). We will work with you to coordinate public disclosure once the fix is deployed.

This policy is a living document and will be updated as our systems and scope evolve.

Trustpilot

Partner Links

Active Search Results

Free Web Monitoring: Your Free Web Site Monitoring Service

Submit Your Site To The Web's Top 50 Search Engines for Free!

Anoox
SEO Services Glendale

Reviews of promo-trader.com

Click here to help move my site to top position on www.infignos.com.

Best Games

Best Games Directory is a comprehensive source of information for visitors looking for gaming and gambling-related consumer information. We also list quality websites related to lotteries, bingo, gaming, casino, sport betting and similar topics.

SEO Company BurbankHosting
Trustpilot

“Google Play and the Google Play logo are trademarks of Google LLC.”