Ritel Incorporated Responsible Vulnerability Disclosure

Ritel Inc. is committed to maintaining the highest standards of security and transparency. This Responsible Vulnerability Disclosure Policy outlines how security researchers, customers, and the public can responsibly report potential security vulnerabilities related to our products, services, or systems. This policy applies to all external parties who identify and wish to report potential security vulnerabilities affecting Ritel Inc.’s systems, applications, or services.

How to Report a Vulnerability

• Vulnerabilities should be reported promptly by emailing our security team at techsupport@ritelinc.com.

• Please provide sufficient details to help us understand and reproduce the issue, including affected systems, steps to reproduce, and any relevant supporting information.

What to Expect

• Upon receiving a report, Ritel Inc. will acknowledge receipt within 3 business days.

• We will review and assess the reported vulnerability and keep the reporter informed of the progress.

• We commit to resolving confirmed vulnerabilities in a timely manner, prioritizing based on severity and impact.

• We will not take legal action against individuals acting in good faith who comply with this policy.

Guidelines for Reporting

• Avoid accessing or modifying data that does not belong to you.

• Do not disrupt services or engage in activities that may impact the privacy or security of other users.

• Do not publicly disclose vulnerabilities until Ritel Inc. has had a reasonable opportunity to investigate and address the issue.

Legal Safe Harbor

Ritel Inc. appreciates and supports responsible security research and will provide safe harbor protections for researchers who comply with this policy and act in good faith.

Contact

For questions or to report a vulnerability, please contact:

Email: techsupport@ritelinc.com