Vault Infosec endeavours to provide a safe and transparent setting for security vulnerability disclosure.
To be able to participate on the site, you need to create an account for which we collect certain information.
This information is used to make sure that Vault Infosec works properly, and to improve user experience. This may include using your information for analytical purposes.
Stated below is a more detailed explanation of the information we collect and use.
When you create an account with Vault Infosec, you are required to provide your name, username, password, and email address. Vault Infosec stores this information to help identify you when you log in and help you communicate with other users. If you prefer, your name may be a pseudonym instead of a legal name.
Once you have become a registered user with Vault Infosec, you create a user profile where you post information to help you communicate with other Vault Infosec users. Your profile includes your name, username, and user identification number. You can also choose to add any other information you like in the About field.
In addition to personal information, we collect any Vulnerability Information and Content that you submit, post, or display on the Services.
We receive some information automatically when you visit Vault Infosec. This includes information about the device, browser, and operating system you use when accessing our site, your IP address, the website that referred you to Vault Infosec, which pages you request and visit, and the date and time of each request you make to Vault Infosec. If you visit Vault Infosec when you are logged into your account, we also collect the user identification number we assign you when you open your account.
Vault Infosec sometimes partners with third-party services who may use various tracking technologies to provide certain services or features, including targeted online marketing. These technologies allow a partner to recognize your computer or mobile device each time you visit Vault Infosec, but do not allow access to Your Information from Vault Infosec.
We may use your Information when needed to keep the site running and prevent abuse. Your Information is used internally only where necessary to provide our Services. In addition, if we employ other companies and people to perform tasks on our behalf, we may share Your Information with them as needed to provide products or services to you. For example, we may use a payment processing company to receive and process your payments for us. Unless we tell you differently, our agents do not have any right to use any personal information we share with them beyond what is necessary to assist us. We will only share Your Information (including Vulnerability Information) with your consent, and after letting you know what information will be shared and with whom, unless it is otherwise permitted in this policy. We do not sell Your Information to any third party. In addition, we may disclose Your Information without providing you with prior notice if we believe it's necessary to prevent imminent and serious bodily harm to a person.
You may choose to disable your Vault Infosec account at any time. This means your user profile will no longer be visible on our site. However, public reports and associated information that you've submitted will still be available on Vault Infosec. Due to this reason, users can't entirely delete their accounts.
Vault Infosec will work to secure information submitted to us by our users. We use encryption (HTTPS/TLS) to protect data transmitted to and from our site. However, no data transmission over the internet is completely secure, so we cannot guarantee the absolute security of this data. You use the Service at your own risk, and are responsible for taking reasonable measures to secure your account (such as not disclosing your password to anyone).
We welcome minors to submit reports to Vault Infosec.