These regulations on programs on the bugbounty.standoff365.com platform (hereinafter referred to as the Regulations) govern the procedure of arrangement and implementation of such programs.
Client |
A legal entity having placed a request to arrange the Program |
Committee |
A group of persons comprising at least two representatives of the Client and one representative of the Organizer, approved for performing the assessment of the Program Participants' Reports |
Organizer |
Positivniye Tekhnologii Joint-Stock Company, OGRN (principal state registration number) 1127746201087, with its office located at Schelkovskoe shosse 23A, room 36, office V, Moscow, 107241, Russian Federation |
Report |
An electronic record provided by the Participant to the Organizer by completing a form in their account on the Platform. It contains the conclusions and description of the completed Program assignment |
Platform |
A website at bugbounty.standoff365.com |
Winner |
A Program Participant to be paid the reward according to the Committee's decision |
Program |
The Program for scanning vulnerabilities in the Client's web services and applications as well as checking for ways to trigger non-tolerable events, hosted on the Platform |
Participant |
A legally capable individual aged eighteen (18) (or fourteen (14) subject to a written consent of their legal representatives for participation in the Program) or above being a citizen of the Russian Federation according to legislation, acting on their own behalf and willing to participate in any Program. The following persons may not participate: persons involved in the program arrangement and implementation, members of their families, authors of the code to be analyzed by participants as part of the Program. Self-employed individuals who are taxpayers under a special tax regime (in accordance with Federal Act No. 422-FZ dated November 27, 2018 "On an Experiment on Establishing the Special 'Self-Employment Tax' Regime") or individual entrepreneurs may as well participate |
Vulnerability |
A technical flaw in the Client's web services and applications which can be used to disrupt their normal operation, integrity, availability, confidentiality and/or trigger a non-tolerable event as a result of cybercriminal activity, making it impossible to achieve operational and strategic goals or leading to a long-term disruption of core operations |
Specify the details of their status and applicable tax regime in their account on the Platform.
If the Winner participates in the Program as an individual:
The Winner shall specify the following details in their account on the Platform:
a) Full name
b) Date of birth
c) Payment details: RCBIC of the beneficiary bank, the beneficiary bank, correspondent account, INN (taxpayer identification number) of the beneficiary bank, the beneficiary bank account, the beneficiary name
d) Russian passport data: series, number, date of issue, subdivision code, issuing authority, registration address
e) INN (taxpayer identification number)
If the Winner is under eighteen (18) years of age, they shall provide the Organizer with a written consent of their legal representatives for the Winner's participation in the Program and adherence to these Regulations.
The Organizer may request a scanned copy of the Winner's passport, including scanned copies of the pages with stamps confirming crossings of Russian borders.
If the Organizer is unable to establish the Winner's country of tax residence due to insufficient information provided by the Winner, the Organizer may reduce the reward amount granted to the Winner by the PIT (personal income tax) amount calculated at a 30-percent rate.
If the Winner acts as an individual, the Organizer shall calculate the PIT amount, deduct it from the reward amount and remit it to the Russian tax authorities.
To pay the reward money to the Winner, the Organizer shall remit funds using bank details specified by the Winner on the Platform. The reward money is always subject to PIT withholding and may only be remitted to accounts opened with Russian banks. If no notification of non-receipt of the payment is received by the Organizer from the Winner within thirty (30) calendar days following the payment date, the Organizer will be deemed to have fulfilled its reward payment obligations in full.
If the Winner participates in the Program as a self-employed individual and is a taxpayer under the special Self-Employment Tax regime (in accordance with Federal Act No. 422-FZ dated November 27, 2018):
The Winner shall specify the following details in their account on the Platform:
a) Full name
b) Date of birth
c) INN (taxpayer identification number)
The Winner shall register in the Konsol service in accordance with clause 6.4 of the Regulations.
If the Winner is a self-employed individual and a taxpayer under the special Self-Employment Tax regime, a receipt will be generated in the Konsol service on the day of receiving the reward (in accordance with Art. 14 of Federal Act No. 422-FZ dated November 27, 2018). The Winner is solely responsible for paying taxes on the reward received from the Organizer.
If the Winner is a self-employed individual and was the Organizer's employee in the two (2) preceding years, the Organizer shall pay the reward to the Winner as an individual (or an individual entrepreneur if the Winner is registered as such and has provided the documents in accordance with these Regulations).
If the Winner participates in the Program as an individual entrepreneur:
The Winner shall specify the following details in their account on the Platform:
a) Full name
b) Date of birth
c) INN (taxpayer identification number)
The Winner shall register in the Konsol service in accordance with clause 6.4 of the Regulations.
If the Winner is an individual entrepreneur, they are solely responsible for paying taxes on the reward received from the Organizer in accordance with the applicable tax regime.
Regulation on Contests Held on the bugbounty.standoff365.com Platform valid until April 4, 2023