Security
If you have found a security issue in Revisita, please write to revisita@ateliernortia.com with the subject line “Security”. We will acknowledge within two working days and keep you informed as we investigate.
What we ask
- Please give us a reasonable opportunity to investigate and address the issue before disclosing it publicly.
- Please do not test against users other than yourself, and do not access, modify, or destroy data that is not yours.
- Please act in good faith. We will respond in kind.
What we will do
- Acknowledge your report within two working days.
- Investigate and keep you updated on the status.
- Credit you in our release notes if you wish, once the issue is fixed (or not, if you prefer to remain anonymous).
- We do not currently run a paid bug-bounty programme.
What is in scope
Vulnerabilities in the Revisita mobile application (Android and iOS) and in this website (ateliernortia.com and its subdomains).
What is out of scope
- Issues in third-party services we rely on (Google Play, Apple App Store, Cloudflare). Please report those to the relevant vendor.
- Social-engineering attacks against our staff or contractors.
- Physical attacks against premises or hardware.
- Denial-of-service attacks.
Contact
revisita@ateliernortia.com (subject: Security)
BWE Ltd., Varna, Bulgaria