RETURNS & REFUNDS
How can I return an item purchased from Bizongo?
You can conveniently place your return request if you've received an item in a 'Damaged', 'Defective' or 'Not as Described' state. To return a product, you can email us at firstname.lastname@example.org or call at our helpline number - +91 8080004646 with the following details
- Order ID
- Reason for returning the item
- Images clearly showing a damage/missing product in the order
Post receiving your request, Bizongo’s Customer Support will confirm the return request and will inform you about the pickup process. It is advised that the return packets should be adequately packaged. The final decision of the request will lie with Bizongo and cannot be contested.
When and on what terms can I return the shipment?
If you are dissatisfied with your order, Bizongo is here to help. If the products in your order are 'Damaged', 'Defective', 'Wrongly Shipped' or in a 'Not as Described' state, please notify us within 7 days from the receipt of your order. Subject to a quality check from our end, we'll do our best to process your request in a timely manner. In case, we do not receive any objection from you within 7 days of delivery, we will consider the goods are as per the specifications requested by you.
CANCELLATIONS & REFUNDS
Before you receive the order
You can cancel the order online anytime before it gets dispatched. Once you request for cancellation of your order, it will take us a maximum of 1-2 business days for the cancellation to reflect in our systems. The same will be notified to you by email. Your entire order amount will be refunded within 7-10 working days.
After you receive the order
In case of returns, once your return request is accepted by Bizongo, the entire refund amount will be reversed to you through NEFT/RTGS. Logistics charges will be borne by Bizongo, and you will not be charged for it.
BY USING THIS WEBSITE, YOU AGREE TO THE TERMS AND CONDITIONS OF THIS POLICY. IF YOU DO NOT AGREE WITH THE TERMS AND CONDITIONS OF THIS POLICY, PLEASE DO NOT PROCEED FURTHER TO USE THIS WEBSITE.
- The type of data or information that You share with or provide to Bizongo and that Bizongo collects from You;
- The purpose for collection of such data or information from You;
- Bizongo's information security practices and policies;
- Bizongo's policy on sharing or transferring Your data or information with third parties.
COLLECTION OF INFORMATION
- Your privacy is important to us and we have taken steps to ensure that we do not collect more information from you than is necessary for us to provide you with our services and to protect your account
- Information including, but not limited to, user name, address, phone number, fax number and email address ("Registration Information") may be collected at the time of user registration on the website.
- In connection with any transaction and payment services or services under our buyer protection schemes we provide on the Website, information, including but not limited to, bank account numbers, billing and delivery information, credit/debit card numbers and expiration dates and tracking information from cheques or money orders ("Account Information") may be collected to, among other things, facilitate the sale and purchase as well as the settlement of purchase price of the products or services transacted on or procured through the website.
- We record and retain details of users’ activities on the website. Information relating to such transactions including, but not limited to, the types and specifications of the goods, pricing and delivery information and any trade dispute records (“Activities Information”) may be collected when sale and purchase transactions are conducted on or facilitated through the website.
- We record and retain records of users' buying and browsing activities on our platform including but not limited to IP addresses, browsing patterns and buyer behavioral patterns. In addition, we gather statistical information about the website and visitors to the website including, but not limited to, IP addresses, browser software, operating system, software and hardware attributes, pages viewed, number of sessions and unique visitors (together "Browsing Information").
- Registration Information, Account Information, Activities Information and Browsing Information generally relate to business entities and are together referred to as business (“Business Data”). Insofar and only insofar as they constitute personally identifiable data of living individuals, such information are together referred to as personal data (“Personal Data”).
- We do not store any messages, photos, videos or documents from your chats/emails through our servers.
- You hereby represent to Bizongo that the Information You provide to Bizongo from time to time is and shall be authentic, correct, current and updated and You have all the rights, permissions and consents as may be required to provide such Information to Bizongo.
- Your providing the Information to Bizongo and Bizongo's consequent storage, collection, usage, transfer, access or processing of the same shall not be in violation of any third party agreement, laws, charter documents, judgments, orders and decrees.
USE OF TECHNOLOGY
Bizongo collects, uses, stores and processes Your Information for any purpose as may be permissible under applicable laws (including where the applicable law provides for such collection, usage, storage or processes in accordance with the consent of the user) including the following (“Purposes”):
- to facilitate Your use of the Website;
- to respond to Your inquiries or fulfil Your requests for information about the various products and services offered on the Website;
- to provide You with information about products and services available on the Website and to send You information, materials, and offers from Bizongo;
- to send You important information regarding the Website, changes in terms and conditions, user agreements, and policies and/or other administrative information;
- to send You surveys and marketing communications that Bizongo believes may be of interest to You;
- to personalize Your experience on the Website by presenting advertisements, products and offers tailored to Your preferences;
- to help You address Your problems incurred on the Website including addressing any technical problems;
- if You purchase any product or avail of any service from the Website, to complete and fulfil Your purchase, for example, to have Your payments processed, communicate with You regarding Your purchase and provide You with related customer service;
- for proper administering of the Website;
- to conduct internal reviews and data analysis for the Website (e.g., to determine the number of visitors to specific pages within the Website);
- to improve the services, content and advertising on the Website;
- to facilitate various programs and initiatives launched by Bizongo or third party service providers and business associates;
- to analyse how our services are used, to measure the effectiveness of advertisements, to facilitating payments;
- to protect the integrity of the Website;
- to respond to legal, judicial, quasi-judicial process and provide information to law enforcement agencies or in connection with an investigation on matters related to public safety, as permitted by law;
- to conduct analytical studies on various aspects including user behaviour, user preferences etc.;
- to permit third parties who may need to contact users who have bought products from the Website to facilitate service and any other product related support;
- to implement information security practices;
- to determine any security breaches, computer contaminant or computer virus;
- to investigate, prevent, or take action regarding illegal activities and suspected fraud;
- to undertake forensics of the concerned computer resource as a part of investigation or internal audit;
- to trace computer resources or any person who may have contravened, or is suspected of having or being likely to contravene, any provision of law including the Information Technology Act, 2000 that is likely to have an adverse impact on the services provided on any Website or by Bizongo.
You hereby agree and acknowledge that the Information so collected is for lawful purpose connected with a function or activity of Bizongo or any person on our behalf, and the collection of Information is necessary for the Purposes.
DISCLOSURE OF PERSONAL DATA
- You further agree that we may disclose and transfer your Personal Data to service providers engaged by us to assist us with providing you with our services (including but not limited to data entry, database management, promotions, products and services alerts, delivery services, payment extension services, and membership authentication and verification services) ("Service Providers"). These Service Providers are under a duty of confidentiality to us and are only permitted to use your Personal Data in connection with the purposes specified above, and not for their own purposes (including direct marketing).
- When necessary we may also disclose and transfer your Personal Data to our professional advisers, law enforcement agencies, insurers, government and regulatory and other organizations for the purposes specified at B.9 above.
- Any Personal Data supplied by you will be retained by us and will be accessible by our employees, any Service Providers engaged by us and third parties referred to above, for or in relation to any of the Purposes.
- All Voluntary Information may be made publicly available on the website and therefore accessible by any internet user. Any Voluntary Information that you disclose to us becomes public information and you relinquish any proprietary rights (including but not limited to the rights of confidentiality and copyright) in such information. You should exercise caution when deciding to include personal or proprietary information in the Voluntary Information that you submit to us.
- We may share your Account Information with banks or vendors to enable your transactions on the website to be completed. In addition, we may use your Account Information to determine your creditworthiness and, in the process of such determination, we may need to make such Account Information available to banks or credit agencies. While we have in place up-to-date technology and internal procedures to keep your Account Information and other Personal Data secure from intruders, there is no guarantee that such technology or procedures can eliminate all of the risks of theft, loss or misuse.
- We may provide statistical information to third parties, but when we do so, we do not provide personally-identifying information without your permission.
The website and their contents are not targeted to minors (those under the age of 18) and we do not intend to sell any of our products or services to minors. However, we have no way of distinguishing the age of individuals who access our Site. If a minor has provided us with personal information without parental or guardian consent, the parent or guardian should contact our Legal Department at the address set out in paragraph D above to remove the information.
We employ commercially reasonable security methods to prevent unauthorized access to the website, to maintain data accuracy and to ensure the correct use of the information we hold. For registered users of the website, your Registration Information and Account Information (if any) can be viewed and edited through your account, which is protected by a password. We recommend that you do not divulge your password to anyone. Our personnel will never ask you for your password in an unsolicited phone call or in an unsolicited email. If you share a computer with others, you should not choose to save your login information (e.g., user ID and password) on that shared computer. Remember to sign out of your account and close your browser window when you have finished your session. No data transmission over the internet or any wireless network can be guaranteed to be perfectly secure. As a result, while we try to protect the information we hold for you, we cannot guarantee the security of any information you transmit to us and you do so at your own risk.
USER DISCRETION AND OPT OUT
You agree and acknowledge that You are providing Your Information out of Your free will. Subject to certain exceptions prescribed by law and provided Bizongo can authenticate Your identity, You can contact Bizongo at email@example.com or send mail to Bizongo HQ, 3rd Floor, A Wing, Krislon House, Krishanlal Marwah Marg, Saki Naka, Andheri East, Mumbai, Maharashtra - 400072 to:
- Access, verify, correct, update, amend, restrict, object to, or later on withdraw Your consent delete any personal information Bizongo has about You.
- Review the information Bizongo retains, how it has been used, to whom Bizongo has disclosed such information to.
- Opt to transfer Your personal data.
- Change preferences regarding how Your personal information is disclosed.
- Notify Bizongo if You do not want Your data to be processed anymore.
- Notify Bizongo if You do not wish to receive further communication from Bizongo.
We will respond to such requests in reasonable time within the time limits established by the applicable law. In accordance with the applicable laws, we reserve the right to charge you a reasonable fee for the processing of any data access or correction request.
In the event that You opt out, You should neither visit the Website nor use the services provided by Bizongo nor shall You contact Bizongo. Further, Bizongo may not deliver products to You, upon Your order, or Bizongo may deny You access from using certain services offered on the Website.
Grievance Officer Name: Vijay Chaurasia
Postal address: Smart Paddle Technology Pvt. Ltd. 3rd Floor, A Wing, Krislon House, Krishanlal Marwah Marg, Saki Naka, Andheri East, Mumbai, Maharashtra 400072
Telephone number: +91 9324802875
To be eligible for recognition, you must
Be the first person to responsibly disclose the bug.
Please report any bugs that could potentially compromise the privacy of our users' data, by pass the system's protective measures, or grant unauthorized access to any system within our infrastructure.
Types of Recognition
Hall of Fame
Rules of Engagement
When reporting a vulnerability to us, please allow us a reasonable amount of time to investigate and address the issue. Additionally, we kindly request that you refrain from accessing sensitive information, performing actions that could harm other Bizongo users, or using automated tools to generate reports.
Please do not exploit any security vulnerabilities that you discover, including attempting to access sensitive company data or probing for additional issues that could cause harm.
We ask that you do not violate any laws or agreements while searching for vulnerabilities, and that you do not publicly disclose any details of the vulnerability without first obtaining Bizongo's permission.
At Bizongo, we appreciate security researchers who help us keep our users safe by identifying vulnerabilities in our services. While recognition for such reports is entirely at our discretion and
based on factors such as risk and impact, we do offer a Hall of Fame for those who meet the following requirements:
- Adhere to our Responsible Disclosure Policy
- Report a security bug that identifies a vulnerability in our services or infrastructure, which creates a security or privacy risk. Please note that we ultimately determine the risk of a vulnerability, and that not all software bugs are security vulnerabilities.
- The reported issue must relate to one of the products or services listed under "Scope".
- We specifically exclude certain types of potential security vulnerabilities; please refer to "Exclusions" for further details.
- If you inadvertently cause a privacy violation or disruption while investigating a vulnerability, please disclose this in your report.
In evaluating reports under our responsible disclosure program,
- We investigate and respond to all valid reports. However, due to the high volume of reports we receive, we prioritize evaluations based on risk and other factors, which may delay our response time.
- We determine recognition in our Hall of Fame based on various factors, including the impact of the report, the ease of exploitation, and the quality of the report. Please note that extremely low-risk vulnerabilities may not qualify for recognition in our Hall of Fame.
- In the event of duplicate reports, we recognize the first person to submit a vulnerability, and we may not share details of the other reports.
Please note that your use of Bizongo's services, including for the purposes of this program, is subject to our Terms and Policies. We may retain any communications regarding security vulnerabilities that you report for as long as we deem necessary for program purposes, and we may modify or cancel this program at any time.
<TBD> need to key in all public domains
How to Report a Vulnerability?
If you find a vulnerability in any of our web or mobile app properties, we kindly ask that you follow the steps outlined below:
- Fill out the vulnerability report form with all the necessary details to replicate the vulnerability. This may include screenshots, videos, or simple instructions.
- If possible, please provide your contact information (phone number) so that our security team can get in touch with you if additional information is needed to identify or resolve the issue.
- If the vulnerability you've found can potentially extract information from our customers or systems or disrupt our system's normal operation, please do not exploit it. This is crucial for us to consider your disclosure as responsible.
- While we appreciate the contributions of Whitehat hackers, we reserve the right to take legal action if the vulnerabilities you've discovered are exploited for illegal purposes, such as gaining access to restricted customer or system information or disrupting our systems.
The program generally considers any design or implementation problem that can be replicated and significantly impacts the security of Bizongo users. Some typical examples of such issues are:
- Cross Site Scripting (XSS)
- Cross Site Request Forgery (CSRF)
- Remote Code Execution (RCE)
- Authentication/Authorisation flaws
- Domain take-over vulnerabilities
- Able to take-over other Bizongo user accounts (while testing, use your own another test account to validate)
- Any vulnerability that can affect the Bizongo Brand, user data and financial transactions
The following bugs are unlikely to be eligible:
- Vulnerabilities found through automated testing
- "Scanner output" or scanner-generated reports
- Publicly released CVE’s or 0-days in internet software within 90 days of their disclosure
- "Advisory" or "Informational" reports that do not include any Bizongo testing or context
- Vulnerabilities requiring MITM or physical access to the victim’s unlocked device.
- Denial of Service attacks
○ SPF and DKIM issues
○ Content injection
○ Hyperlink injection in emails
○ IDN homograph attacks
○ RTL Ambiguity
- Content Spoofing
- Vulnerabilities relating to Password Policy
- Full-Path Disclosure on any property
- Version number information disclosure
- Third-party applications on the Bizongo Application directory (identified by the existence of a "Report this app" link on the app's page). Please report vulnerabilities with these services to the creator of that specific application.
- Clickjacking on pre-authenticated pages, or the non-existence of X-Frame-Options, or other non-exploitable clickjacking vulnerabilities
- CSRF-able actions that do not require authentication (or a session) to exploit Reports related to the following security-related headers
○ Strict Transport Security (HSTS)
○ XSS mitigation headers (X-Content-Type and X-XSS-Protection)
○ Content Security Policy (CSP) settings (excluding nosniff in an exploitable scenario)
- Bugs that do not represent any security risk
- Security bugs in third-party applications or services built on the Bizongo API - please report them to the third party that built the application or service
- Security bugs in software related to an acquisition for a period of 90 days following any public announcement
- HTTP TRACE or OPTIONS methods enabled
- Non-sensitive (i.e., non-session) cookies missing the Secure or HttpOnly flags
- Tap jacking
- Mobile client issues require a rooted device and/or outdated OS version or SSL pinning issues.
- Subdomain takeovers without supporting evidence
- Missing best practices in SSL/TLS configuration.
- Open ports without an accompanying proof-of-concept demonstrating vulnerability
- Vulnerabilities in the whitehat report form
We currently do not offer a bounty or cash reward program for such disclosures, but we appreciate your contribution and express our gratitude in various ways. If you make a sincere and ethical disclosure, we would be delighted to publicly recognize your contribution in the designated section on our website. However, we understand that you may not want a public acknowledgement, and we will respect your preference accordingly.
Hall Of Fame
We would like to extend our gratitude to the individuals listed below for identifying and responsibly disclosing security vulnerabilities in Bizongo's owned apps, products, or services. Their efforts and contributions towards the security of Bizongo are highly appreciated.