Responsible Disclosure Policy

Responsible Disclosure Policy

We want to ensure people are able to quickly contact us with security concerns or information related to privacy or the confidentiality, integrity or availability of our systems. We value and appreciate responsible disclosures that support user privacy and security, and the purpose of this responsible disclosure policy is to enable security professionals and others to alert us in a quick and easy way.

Examples of when you might want to contact us include:

  • Vulnerabilities or breaches in our software or environments which threaten the confidentiality, integrity or availability of our data or our customers' data
  • "copycat" applications or phishing attacks
  • Activity, discussion or data in any public forum which you believe constitutes a threat to www.Rail-Pass.com or our customers

Responsible Disclosure Policy How to Contact Us

Please send us an email at security@rail-pass.com.

In your email, please include:

  • A clear description of the issue (logs, screenshots, responses)
  • Any platforms, operating systems, versions that are relevant
  • Any relevant IP addresses or URLs
  • Any supporting evidence you have collected (logging, tracing etc.)
  • Your assessment of the impact of the issue
  • Your suggestion to combat the issue

Please keep relevant evidence as we may need it.

Responsible Disclosure Policy Responsibilities

To enable us to treat communications as responsible disclosures:

  • Do be specific
  • Do not put any www.Rail-Pass.com or customer data at risk
  • Do provide sufficient detail
  • Do reference existing vulnerability information where relevant
  • We reserve the right to deal appropriately with attack and extortion attempts.

Responsible Disclosure Policy How We Will Respond

If we believe an issue has been reported as a responsible disclosure in line with this policy, we will deal with the matter promptly.

We may need to send you a reply with follow up questions if needed.

We discourage and will not respond to:

  • Reports of generic vulnerabilities with no evidence of relevance to our systems
  • Reports of any information already in the public domain
  • Reports that are vague or non-actionable
  • Reports that are not in line with this policy

Responsible Disclosure Policy Financial Rewards

We do not offer financial rewards.

Responsible Disclosure Policy Confidentiality

You must treat as confidential all information about our systems, staff or customers that you become aware of. We will treat your information in the same way.

Responsible Disclosure Policy Special Thanks

www.Rail-Pass.com would like to thank everybody who contributed to make this website as secure as possible through their contributions.

 

Rail Holidays
Rail Vacations
Luxury Trains
Luxury Tours
International Trains
International Tours
www.Rail-Pass.com
                             
home www.Rail-Pass.com Rail-Pass & Train Tickets & International Rail Holidays Hotel Booking & Hotel Reservations & Hotel Accomodation B&B Booking & B&B Reservations & B&B Accommodation Hostel Booking & Youth Hostel Reservations & Hostel Accommodation Chalet Rental & Holiday Homes & Vacation Homes Ski Pass Booking & Ski Pass Reservations & Ski Lift Pass Flight Tickets & Airline Reservations & Flight Booking Ferry Tickets & Ferry Booking & Ferry Reservations Car Rental Booking & Car Hire Reservations Excursions & Days Out & Day Trips & Theme Parks Rail Pass Booking & Rail Pass Reservations & Eurail & Interrail Rail Tickets & Rail Reservations & International Train Tickets Weekend Trips & Weekend Breaks & Weekend Away  Travel Insurance & Business Travel Insurance Eurotunnel Tickets & Eurotunnel Le Shuttle Reservations
Search: