Report a Security Issue – Flamezy.shop
Security & Trust

Report a Security Issue

Last Updated: May 2026  ·  Flamezy.shop

🔒  Your security matters to us.  We take every report seriously and respond promptly.

At Flamezy.shop, protecting our customers and their data is something we take very seriously. If you have discovered a potential security vulnerability, suspicious activity, or a concern relating to our website or systems, we want to hear from you. This page explains how to report a security issue responsibly and what you can expect from us in return.
Report Directly

Found a Security Issue?

Email our security team as soon as possible. We respond within 48 hours.

✉ contact@flamezy.shop
Section 01

Our Commitment to Security

We are committed to maintaining a safe and trustworthy shopping environment for every customer who visits Flamezy.shop. We take appropriate technical and organisational measures to protect our website, your personal data, and your payment information.

We recognise that no system is entirely immune to vulnerabilities. That is why we welcome responsible disclosure from security researchers, customers, and members of the public who identify potential issues with our website or services. Your contribution helps us keep Flamezy.shop safe for everyone.

We appreciate responsible disclosure. If you identify a genuine security issue and report it to us in good faith, we commit to investigating your report promptly, keeping you informed of our progress, and working to resolve the issue as quickly as possible.
Section 02

What to Report

We are interested in hearing about any security concern that could affect the safety of our website, customer data, or payment systems. The following are examples of issues that fall within the scope of this policy:

In Scope — Please Report These

🔓
Unauthorised Access Vulnerabilities that could allow an attacker to access customer accounts or data without permission.
💉
Injection Vulnerabilities SQL injection, cross-site scripting (XSS), or other code injection issues on our website.
🔐
Authentication Weaknesses Flaws in login, session management, or account recovery processes that could be exploited.
📦
Data Exposure Unintended exposure of customer data, order information, or personal details through the website.
🛒
Payment or Checkout Issues Any security concern relating to our checkout process, payment flow, or order handling.
📧
Phishing or Impersonation Fake websites, emails, or communications impersonating Flamezy.shop to defraud our customers.

Out of Scope — Please Do Not Report These

🚫
Social Engineering Attempts to manipulate our staff or customers through deceptive tactics.
🚫
Denial of Service (DoS) Attacks or tests that disrupt or degrade the availability of our website.
🚫
Physical Security Concerns relating to physical premises, hardware, or on-site access.
🚫
Third-Party Services Vulnerabilities in third-party tools or platforms we use, such as Stripe or WooCommerce — please report these directly to the provider.
Section 03

How to Report a Security Issue

If you have identified a security vulnerability or concern, please report it to us as soon as possible by following the steps below. We ask that you do not publicly disclose the issue until we have had a reasonable opportunity to investigate and address it.

1
Email Our Security Team Send your report to contact@flamezy.shop with the subject line: “Security Issue Report”. Please do not share sensitive vulnerability details through any other channel.
2
Describe the Issue Clearly Include as much detail as possible — the type of vulnerability, where it was found on our website, steps to reproduce it, and any potential impact you have identified. Screenshots or recordings are helpful where available.
3
Include Your Contact Details Provide your name and email address so we can follow up with you directly. Your contact details will be kept strictly confidential and used only in connection with your report.
4
Await Our Response We will acknowledge your report within 48 hours and keep you updated on our investigation and resolution progress.
Section 04

What to Include in Your Report

To help us investigate and resolve your report as efficiently as possible, please include the following information where available:

  • Type of vulnerability — e.g. XSS, SQL injection, data exposure, authentication flaw
  • Location of the issue — the specific URL, page, or feature on our website where the vulnerability exists
  • Steps to reproduce — a clear, step-by-step description of how to trigger or observe the issue
  • Potential impact — your assessment of what an attacker could achieve by exploiting this vulnerability
  • Supporting evidence — screenshots, screen recordings, proof-of-concept code, or HTTP request/response logs where relevant
  • Your contact details — name and email address for follow-up correspondence
ℹ️
Partial reports are still welcome. If you are unsure about some of the details, please report what you know. An incomplete report is far better than no report at all, and our team will work with you to gather any additional information needed.
Section 05

Our Response Timeline

We take all security reports seriously and aim to respond and resolve issues as promptly as possible. Below is our target response timeline for security reports:

Stage Target Timeframe
Initial acknowledgement Within 48 hours of receiving your report
Preliminary assessment Within 5 business days
Investigation & triage Within 10 business days (dependent on complexity)
Resolution or mitigation As quickly as possible — we will keep you informed of progress
Confirmation of fix We will notify you once the issue has been resolved

For complex or critical vulnerabilities, resolution may take longer. We will always communicate openly with you throughout the process and provide regular updates.

Section 06

Responsible Disclosure Guidelines

We ask that anyone reporting a security issue to Flamezy.shop acts in good faith and follows the responsible disclosure principles below.

✓  Please Do

  • Report issues promptly and in good faith
  • Provide enough detail to reproduce the issue
  • Allow us reasonable time to investigate before disclosing publicly
  • Only test using your own accounts or test data
  • Keep all communication confidential until resolved
  • Contact us if you are unsure whether something qualifies

✕  Please Do Not

  • Access, modify, or delete customer data
  • Disrupt or degrade the performance of our website
  • Share the vulnerability with others before it is fixed
  • Use the vulnerability for personal gain or exploitation
  • Conduct automated scanning without prior permission
  • Attempt social engineering against our staff or customers
⚠️
Legal notice: Any individual who accesses, modifies, or exfiltrates customer data — or who attempts to exploit a vulnerability for personal gain — may be subject to legal action under the Computer Misuse Act 1990 and other applicable UK laws. Responsible disclosure carried out in good faith and in accordance with these guidelines will not be pursued legally.
Section 07

Reporting Suspicious Activity as a Customer

If you are a customer and have noticed something suspicious — such as an unexpected charge, an email claiming to be from Flamezy.shop that looks fraudulent, or any other activity that concerns you — please contact us immediately. You do not need to be a security professional to raise a concern.

  • Unexpected or unauthorised charges on your card after ordering from us
  • Phishing emails pretending to be from Flamezy.shop asking for personal or payment details
  • Fake websites impersonating Flamezy.shop to deceive customers
  • Account compromise — if you believe your Flamezy.shop account has been accessed without your permission
  • Any other suspicious communication involving our store name, logo, or branding
ℹ️
Reminder: Flamezy.shop will never contact you to ask for your password, full card number, PIN, or online banking credentials. If you receive such a request, please do not respond and report it to us immediately at contact@flamezy.shop.
Section 08

Confidentiality & Privacy

We understand that individuals reporting security issues may have concerns about their privacy. We are committed to handling all security reports with the utmost confidentiality.

  • Your identity will not be disclosed to any third party without your explicit consent
  • Your contact details will be used solely for the purpose of following up on your security report
  • We will not share the details of your report beyond the individuals directly involved in investigating and resolving the issue
  • Anonymous reports are accepted — however, please note that anonymous reports may limit our ability to follow up or seek further information

Any personal data you provide as part of your security report will be handled in accordance with our Privacy Policy and UK GDPR obligations.

Section 09

Changes to This Policy

We may update this Security Reporting Policy from time to time to reflect improvements in our security practices or changes in legal requirements. Any updates will be published on this page with a revised “Last Updated” date.

We encourage all customers and security researchers to review this page periodically. If you have any questions about our security practices, please do not hesitate to reach out.

Contact & Business Information

To report a security issue, email us directly. We respond within 48 hours.

Store Name
Flamezy.shop
Security Email
contact@flamezy.shop
Support Phone
+44 [Leave Blank]
Business Address
[Leave Blank]
Working Hours
Mon – Fri: 9:00 AM – 6:00 PM
Saturday: 10:00 AM – 4:00 PM
Sunday: Closed

This policy is governed by and construed in accordance with the laws of England and Wales.