Disclosure Policy

Taneja Group’s Vulnerability Disclosure Policy

Vulnerability Disclosure Policy

At Taneja Group (referred to as “Company”), we prioritize customer trust and information security above everything else. We make continuous efforts to maintain a secure IT environment and appreciate the efforts of the security researcher community to protect our information and the privacy of our customers. However, we recognize that vulnerabilities can arise, and if you find one in our systems, we request that you notify us immediately and responsibly disclose it.

Our Vulnerability Disclosure Policy is not an invitation to actively probe our IT environment or internet-facing services to discover vulnerabilities. Such probes are considered illegitimate and will attract attention from our security team, triggering investigatory activities.

Reporting Vulnerabilities Responsibilities and Procedures

If you believe that you have found a material vulnerability, kindly report it to us by submitting the form provided on our website. When reporting, please include a detailed account of the vulnerability and a method for us to replicate it. It is mandatory to report the Common Vulnerability Scoring System (CVSS) score obtained by clicking here. Please do not disclose the vulnerability publicly or to any other party other than Taneja Group.

Taneja Group shall conduct its own triaging and risk assessment of the findings and make an appropriate decision on informing our customers, stakeholders, and regulatory bodies. You are not authorized to make any announcement on behalf of the company.

Only vulnerabilities discovered on the https://tanejagroup.in/ domain are eligible under this disclosure program. The vulnerabilities reported in compliance with the above-stated responsibilities and procedures will be seen in the overall business and threat context of Taneja Group and duly assessed by the company’s Information Security along with relevant SME teams for validity. 

The company does not authorize intrusive penetration testing, scanning tools, or any action that may intentionally or incidentally negatively impact the integrity of our services, including actions that may cause a degradation of services or put customer confidentiality at risk. Nor do we authorize research that is not legitimate, not helpful to the overall security program of Taneja Group, or not conducted in good faith.

We appreciate your cooperation and assistance in helping us maintain a secure IT environment for our customers.

Rewards for Reporting Vulnerabilities

At Taneja Group, we take the security of our IT systems and our stakeholders seriously and  appreciate the efforts of security researchers in helping us identify vulnerabilities that could compromise our systems or the privacy of our customers. While we do not offer monetary rewards for reporting vulnerabilities, we do value and recognize the genuine intent of researchers who partner with us in keeping our stakeholders safe.

As a token of our appreciation, we may recognize you through official email communication. In the event that multiple researchers report the same vulnerability, we will consider recognizing all the responsible disclosures through email.

It is important to note that if there is any inconsistency between this policy and any other applicable terms, the terms of this policy shall prevail.

Hi there,

At Taneja Group, we take pride in providing the highest quality construction and renovation supplies to our customers. From cement and bricks to tiles and plumbing fixtures, we offer a wide range of products to meet your needs.

We understand that your time is valuable, which is why we offer rapid home deliveries. Simply send us a list of the supplies you require, and we’ll take care of the rest.

Thank you for choosing Taneja Group for your construction and renovation needs.