Achetes Online

Shopping Cart 0
R0.00

Responsible Disclosure Policy

At Achetes Online, we believe the simple principle that our customers come first. We aim to keep our website, mobile site, and related software applications (“Website”), as well as the service offered on our Website (“Service”) safe for everyone to use, and data security is of the utmost importance. If you have discovered a security vulnerability in our Website or Service, we encourage you to contact us and disclose it to us in a responsible manner.

Once security vulnerabilities are reported to us in compliance with this policy, Achetes Online will confirm and fix these vulnerabilities as soon as reasonably possible, in line with our commitment to the privacy, safety and security of our customers. We will not take legal action against you or terminate your access to the Service if you discover and report security vulnerabilities responsibly in compliance with this policy. Achetes Online reserves all of its legal rights in the event of any noncompliance with this policy.

If you are looking to report another type of issue, which falls outside of the bounds of this policy, for example if you are a current customer and you suspect fraudulent activity or suspect that your account may have been compromised, please contact our support team here. Your issue will be investigated immediately and thoroughly.

 

Reporting a Security Vulnerability

If you think that you have found a security vulnerability in our Website or Service, please contact us immediately via security@achetesonline.com. When reporting a security vulnerability, please follow the following:

  • Include as much information as possible in your report, as we require a way to reproduce the security vulnerability to validate and fix it. “Proof-of-Concept” programs, tools, or test accounts that you have created are welcome, and the following information is required:
    • the URL where the vulnerability occurs.
    • if applicable, the parameter where the vulnerability occurs.
    • the type of the vulnerability.
    • a step-by-step instruction how to reproduce the vulnerability.
    • a demonstration of the vulnerability, by screenshots or video; and
    • if applicable, an attack scenario (an example attack scenario may help demonstrate the risk and get the issue resolved faster).
  • Do not share your findings with anyone until Achetes Online has had adequate time to investigate and deploy a fix. We will notify you when the security vulnerability has been patched.
  • Consider telling us how to identify you.

 

We are particularly interested in:

  • XSS attacks
  • SQL injection
  • Remote code execution
  • Circumventing permission limitations
  • CSRF attacks

 

Restrictions

At Achetes Online, we welcome “white hat” security researchers, and appreciate your research and proactive responsible disclosure. Please note however that Achetes Online does not permit you to do any of the following:

  • access, modify or destroy a Achetes Online customer’s account or data.
  • interrupt or degrade our Service.
  • execute a “Denial of Service” attack.
  • post, transmit, upload, link to, send or store any malicious software.
  • send any unsolicited or unauthorized mail or messages.
  • violate any applicable law.
  • perform any testing that would result in any of the above; or
  • attempt to do any of the above.

Contravening this policy in any way may result in us suspending or terminating your access to the Service, contacting the relevant authorities and/or pursuing any other remedies we have at law.

 

Our Commitment

If you identify a security vulnerability in compliance with this policy, Achetes Online commits to:

  • acknowledging receipt of your vulnerability report in a timely manner.
  • confirming the validity of your report; and
  • notifying you when the vulnerability is fixed.

We will unfortunately not offer any monetary rewards.

 

Achetes Online Virtual  Services: Terms and Conditions

Please take a moment to read these terms and conditions (the “Terms”) to understand how they apply to your use of our Virtual Clothing & Beauty Try On Services (“the Services”). We encourage you to read these Terms carefully you agree to be bound thereby once you make use of the Services. As your use of the Services requires that we access your image (by way of your device camera or upload) it is also important that you understand that we may process your image in terms of our.

The Services are owned and operated by Mzuzu Iot Proprietary Limited T/A (“Achetes Online”), a company registered in the Republic of South Africa (Reg. No. 2015/004534/07), which has its registered office at SOUTHDOWNS RIDGE OFFICE PARK, JOHN VORSTER DRIVE, CENTURION, GAUTENG, 0062, South Africa. 

The Services: The Services are available, free of charge, to all existing and new Achetes Online’s customers via the Achetes Online website and mobile application. The Services include the virtual clothing & make up try-on of a number of products across our apparel & beauty products offering.

As the Services will be provided virtually, please ensure that you are equipped with a suitable device and internet connectivity. As there will not be any physical assessment or contact involved when you make use of the Services, the efficacy of the Services is contingent on the quality of the image that you provide us with.

In order for the Services to perform optimally when uploading your image or turning on your camera to capture your image, make sure that you are surrounded by multiple light sources and no harsh lighting spots as these may cause dark shadows. Sufficient lighting is essential to the functioning of the Services and will assist in you seeing the best possible result in respect of a product’s application on your image. Where you are not using the camera and are uploading an image, ensure that the uploaded image is of good quality, clear and well lit. You warrant that any image uploaded is your own and that you have permission to use it in the manner contemplated in these Terms.

Due to the virtual nature of the Services, the results provided to you during your use thereof should be considered as a guide/indication as to how the product/s may look when you use them on your skin. Achetes Online shall not be responsible for any discrepancies in the appearance of the product when it is applied virtually versus in reality. Achetes Online shall not be liable for any allergic reactions, sensitivities, medical conditions, injury or other adverse effects that are triggered by your use of any products that you purchase using the Services. The onus is on you to be aware of how a product may react on your skin before purchasing it.

Our returns policy applies to all products purchased while making use of the Services. 
We reserve the right to suspend or cancel the Services at any time, without notice.

Your personal information: Your privacy matters to us and we are committed to the protection of your personal information. We keep your personal information private and only disclose it to other companies if you ask us to, or if they need it to help us provide services to you.