Home
About
Open source Mobile apps Frequently asked questions Migrating from Google Photos About us
Pricing Blog
Help Center
Account Immich Other Contact support
Get Started

Responsible Disclosure

Responsible Disclosure Policy for PixelUnion

At PixelUnion, we prioritize the security of our systems and those of our customers. Despite our best efforts, vulnerabilities may still exist. To address this, we have established a Responsible Disclosure Policy.

If you discover a vulnerability in any of our ICT systems, we encourage you to report it to us so that we can take immediate action. We appreciate your collaboration in protecting our customers and our systems.

Guidelines for Reporting

  • Email your findings to support@pixelunion.eu
  • Handle the knowledge of the security issue carefully. Avoid any actions beyond those necessary to reveal the problem.
  • Do not share information about the security issue with others until it has been resolved.
  • Avoid attacks on physical security, social engineering, distributed denial of service, spam, or third-party applications.
  • Report the vulnerability as soon as possible after discovery. Provide sufficient information to reproduce the issue, including the IP address or URL of the affected system and a description of the vulnerability.

What to Expect from Us

  • Response Time: We will respond within three working days with an assessment and an expected resolution date.
  • No Legal Consequences: If you comply with the above conditions, we will not take any legal action against you.
  • Confidentiality: We will handle your report confidentially and will not share your personal details with third parties without your permission, unless required by law.
  • Progress Updates: We will keep you informed about the progress in resolving the issue.
  • Recognition: With mutual agreement, we can acknowledge your contribution by mentioning your name as the discoverer of the vulnerability.
  • Rewards: We offer a place on our Responsible Disclosure Hall of Fame as a token of appreciation. For particularly serious vulnerabilities, we may provide additional rewards, depending on the severity and quality of the report.

We aim to resolve security issues promptly and appreciate being involved in any publication about the problem after it has been fixed.

Responsible Disclosure Hall of Fame

Want to see your name here? Report a security vulnerability according to our procedure, and you might be featured!

Chetan Patil

Chetan Patil