Vulnerability Disclosure Policy

Bestnst Shop is committed to maintaining the security and safety of our products and website. This Vulnerability Disclosure Policy explains how security researchers and customers can report potential vulnerabilities in our products or online services.

We encourage responsible disclosure and ask that you review this policy carefully before submitting a report.

Please note that we do not offer financial compensation or rewards for reporting vulnerabilities.

Scope

This policy applies to:

Our website (www.bestnst.shop)

Any updateable or software-enabled components of our products

Associated online services operated by Bestnst Shop

If a vulnerability relates to a third-party platform or service provider, we may refer the issue to the relevant provider.

How to Report a Vulnerability

If you believe you have identified a security vulnerability, please contact us at:

Email: admin@bestnst.shop

Subject line: Vulnerability Report

To help us investigate efficiently, please include:

Date discovered – When you first identified the issue

Product or system affected – Clear identification of the item or service

Location – What part of the product, software, or website is affected

Steps to reproduce – A clear explanation of how the issue can be triggered

Supporting evidence – Screenshots, logs, or proof-of-concept details (if available)

Please provide sufficient detail so that we can validate and assess the issue.

Responsible Disclosure Guidelines

When reporting a vulnerability, you agree to:

Act in good faith

Avoid exploiting the vulnerability beyond what is necessary to demonstrate the issue

Not access, modify, or delete data that does not belong to you

Not disrupt our services or harm other users

Keep details confidential until the issue is resolved or publicly disclosed by us

Failure to follow responsible disclosure practices may result in legal action.

What Happens Next

We will acknowledge receipt of your report within 7 days.

We may contact you if additional information is required.

After receiving a report, we will:

Investigate the issue

Assess the severity and impact

Take appropriate corrective action

If necessary, we may publish a security advisory on our website.
If a fix becomes available, we will update or remove any related security notices.

Limitations

This policy does not authorise:

Testing that causes service disruption

Social engineering attacks

Physical attacks on our premises

Access to customer accounts without explicit permission

Any testing must comply with applicable laws.

Contact

For all vulnerability reports and security-related queries, contact:

Phone: +44 1420831430
Email: admin@bestnst.shop
Address: 9 Kingsway, London WC2B 6XF, United Kingdom