Security Policy

Responsible Disclosure

At Rangya, we take the security of our systems seriously. Despite our best efforts, vulnerabilities may still exist. If you discover a vulnerability, we would like to know about it so we can take steps to address it. We encourage responsible disclosure of vulnerabilities following these guidelines:

  • Provide details of the vulnerability, including information needed to reproduce and validate the vulnerability
  • Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our services
  • Do not access or modify data that does not belong to you
  • Give us reasonable time to respond to your report before making any information public

Please report security issues by emailing security@ranga-denim.com. We will acknowledge receipt of your vulnerability report and send you regular updates about our progress.

Our Commitments

When working with us according to this policy, you can expect us to:

  • Respond to your report promptly, acknowledging receipt within 48 hours
  • Provide an estimated timeframe for addressing the vulnerability
  • Notify you when the vulnerability is fixed
  • Not take legal action against you for security research conducted in accordance with this policy
  • Recognize your contribution if you are the first to report a unique vulnerability, and your report triggers a code or configuration change

Scope

This policy applies to all Ranga digital properties, including:

  • Our website: ranga-denim.com
  • Our mobile applications
  • Our API endpoints

The following test types are explicitly NOT authorized:

  • Network denial of service (DoS or DDoS) tests
  • Physical security testing
  • Social engineering attacks
  • Tests on systems or applications not owned by us
Contact Us