Contact: support at the domain innstyle.co.uk Preferred-Language: en ## Welcome! Thank you for visiting an Inn Style website. We are a platform for reservations management. We prioritize the security and privacy of our users and are committed to maintaining a safe online environment. We encourage responsible disclosure of any vulnerabilities or bugs found on our platform, and we greatly appreciate the assistance of security researchers and concerned users in helping us identify and mitigate potential risks. If you have questions, or have found a bug in our site, please email the contact address above. ### Reporting Security Issues If you believe you have discovered a security vulnerability or have any concerns regarding the security of our website, please contact our support team at the email above. We kindly request that you follow responsible disclosure practices by providing us with the necessary details to reproduce and validate the issue. Please include the following information in your report: - Description of the vulnerability or bug. - Steps to reproduce the issue, including details of login accounts used. - The affected website section or feature. - Any supporting evidence (e.g., screenshots or proof-of-concept code). Note that your report should explain the nature of any data that you gleaned. We will never ask you to send us the personally identifiable information. For example, "We saw 5 full names, with associated email addresses" would be fine. ### Responsible Disclosure We value the efforts of the security community in ensuring the safety of our platform. To show our appreciation, we commit to the following: - We will investigate all reported vulnerabilities and take appropriate actions to address them promptly. - If you abide by responsible disclosure practices and report vulnerabilities to us, we will not initiate legal action against you or involve law enforcement authorities beyond our regulatory obligations, provided that you adhere to the guidelines outlined below. - We may engage with questions around the vulnerabilities found, as far as we feel our security allows. ### Guidelines for Responsible Disclosure - You must not try to access data belonging to other users in bulk. - If you do manage to access personally identifiable information (PII), you must not share that data with anyone. - You must take all reasonable steps to delete any such PII - both from data saved to your computer, intermediate systems (such as emails stored on email servers) and any backups of that data. - You must not use any unauthorised sensitive information obtained in any way. - You must not share or disclose any unauthorised sensitive information obtained. - If such information is inadvertantly shared, then we will require that you send us sufficient information to identify the PII that you shared. In most cases, the URL that you found the data on will suffice. - You must not intentionally perform any actions to cause degradation or disruption of our services. - You must not exploit any vulnerability beyond what is necessary to demonstrate the security flaw. - You must not publish the existance of or steps to reproduce the vulnerability until we notify you that the vulnerability has been patched, or we notify you that the vulnerability cannot be patched. ### Unwelcome Activities While we welcome responsible disclosure, unauthorized or abusive use of our website is strictly prohibited. Activities such as unauthorized penetration testing (pentesting) without express permission and a written contract are not permitted. Additionally, any abusive behavior or exploitation of vulnerabilities with malicious intent is illegal and will not be tolerated. We reserve the right to take appropriate legal action against individuals or organizations engaged in unauthorized activities on our platform. In such cases, we will report any abusive or illegal activities to the relevant law enforcement authorities. Thank you for taking the time to review our security.txt file. We greatly appreciate your cooperation in helping us maintain a secure environment for all our users.