all-in-one privacy solution":["Proton Unlimited è una soluzione completa per la privacy"],"Black Friday":["Black Friday"],"No ads. Privacy by default.":["Niente pubblicità. La prima regola è la privacy."],"People before profits":["Le persone prima dei profitti"],"Security through transparency":["Più sicurezza grazie alla trasparenza"],"The best Proton Mail ${ BLACK_FRIDAY } deals":["Le migliori offerte di Proton Mail per il ${ BLACK_FRIDAY }"],"The world’s only community- supported email service":["L'unico servizio di posta elettronica al mondo supportato dalla community"]},"specialoffer:limited":{"${ hours } hour":["${ hours } ora","${ hours } ore"],"${ hoursLeft }, ${ minutesLeft } and ${ secondsLeft } left":["Restano ${ hoursLeft }, ${ minutesLeft } e ${ secondsLeft }"],"${ minutes } minute":["${ minutes } minuto","${ minutes } minuti"],"${ seconds } second":["${ seconds } secondo","${ seconds } secondi"],"Limited time offer":["Offerta a tempo limitato"]},"specialoffer:listitem":{"Create multiple addresses":["Crea indirizzi multipli"],"Hide-my-email aliases":["Alias hide-my-email"],"Quickly unsubscribe from newsletters":["Annulla rapidamente l'iscrizione alle newsletter"],"Use your own domain name":["Utilizza il tuo nome di dominio"]},"specialoffer:logos":{"As featured in":["Ne hanno parlato"]},"specialoffer:metadescription":{"Get an encrypted email that protects your privacy":["Scegli un'email cifrata per proteggere la tua privacy"]},"specialoffer:metatitle":{"Proton Mail Black Friday Sale - Up to 40% off":["Offerta Black Friday di Proton Mail - sconti fino al 40%"]},"specialoffer:newmetadescription":{"Get up to 40% off Proton Mail subscriptions this Black Friday. Find great deals on our secure end-to-end encrypted email plans.":["Per questo Black Friday ti offriamo fino al 40% di sconto sugli abbonamenti a Proton Mail. Scopri le straordinarie offerte sui piani di abbonamento alla nostra email dotata di crittografia end-to-end."]},"specialoffer:newmetatitle":{"Proton Mail Black Friday sale | Up to 40% off secure email":["Offerta di Proton Mail per il Black Friday | Fino al 40% di sconto sulla nostra email sicura"]},"specialoffer:note":{"* Billed at ${ TOTAL_SUM } for the first year":["* Addebito di ${ TOTAL_SUM } per il primo anno"],"*Billed at ${ TOTAL_SUM } for the first 2 years":["*Addebito di ${ TOTAL_SUM } per i primi 2 anni"],"30-day money-back guarantee":["Garanzia soddisfatti o rimborsati di 30 giorni"],"Billed at ${ TOTAL_SUM } for the first 2 years":["Addebito di ${ TOTAL_SUM } per i primi 2 anni"],"Billed at ${ TOTAL_SUM } for the first year":["Addebito di ${ TOTAL_SUM } per il primo anno"],"You save ${ SAVE_SUM }":["Risparmi ${ SAVE_SUM }"]},"specialoffer:off":{"${ PERCENT_OFF } off":["−${ PERCENT_OFF }"]},"specialoffer:testimonial":{"I love my ProtonMail":["Adoro ProtonMail"],"My favorite email service":["Il mio servizio email preferito"],"Thanks Proton for keeping us all safe in the complicated internet universe.":["Grazie Proton perché ci proteggi nell'universo complicato di internet."],"You get what you pay for. In the case of big tech, if you pay nothing, you get used. I quit using Gmail and switched to @ProtonMail":["Ottieni quello per cui hai pagato. Nel caso di big tech, se non paghi niente, vieni usato. Ho smesso di usare Gmail e sono passata a @ProtonMail"]},"specialoffer:time":{"Days":["Giorni"],"Hours":["Ore"],"Min":["Min"]},"specialoffer:title":{"And much more":["E altro ancora"],"Safe from trackers":["Protezione dai tracker"],"Stay organized":["Tieni tutto in ordine"],"Black Friday email deals":["Offerte email del Black Friday"],"Don’t just take our word for it":["Non lo diciamo solo noi"],"Make your inbox yours":["Rendi la tua posta in arrivo nostra"],"Our story":["La nostra storia"],"Transfer your data from Google in one click":["Trasferisci i tuoi dati da Google con un solo clic"]},"specialoffer:tooltip":{"Access blocked content and browse privately. Includes ${ TOTAL_VPN_SERVERS }+ servers in ${ TOTAL_VPN_COUNTRIES }+ countries, connect up to 10 devices, access worldwide streaming services, malware and ad-blocker, and more.":["Accedi a contenuti bloccati e naviga in modalità privata. Include oltre ${ TOTAL_VPN_SERVERS } server in più di ${ TOTAL_VPN_COUNTRIES } Paesi, possibilità di connettere fino a 10 dispositivi, accesso a servizi di streaming in tutto il mondo, anti-malware, ad-blocker e altro ancora."],"Easily share your calendar with your family, friends or colleagues, and view external calendars.":["Condividi facilmente il tuo calendario con familiari, amici o colleghi e visualizza calendari esterni."],"Includes support for 1 custom email domain, 10 email addresses, 10 hide-my-email aliases, calendar sharing, and more.":["Include il supporto per 1 dominio email personalizzato, 10 indirizzi email, 10 alias hide-my-email, condivisione del calendario e altro ancora."],"Includes support for 3 custom email domains, 15 email addresses, unlimited hide-my-email aliases, calendar sharing, and more.":["Include il supporto per 3 domini email personalizzati, 15 indirizzi email, alias hide-my-email illimitati, condivisione del calendario e altro ancora."],"Manage up to 25 calendars, mobile apps, secured with end-to-end encryption, 1-click calendar import from Google, and more.":["Gestisci fino a 25 calendari, app per dispositivi mobili, protezione con la crittografia end-to-end, importazione del calendario da Google in un solo clic e altro ancora."]},"Status banner":{"Learn more":["Scopri di più"],"Please note that at the moment we are experiencing issues with the ${ issues[0] } service.":["Attenzione: stiamo riscontrando dei problemi con il servizio di ${ issues[0] }"],"We are experiencing issues with one or more services at the moment.":["Stiamo riscontrando dei problemi con uno o più servizi."]},"Status Banner":{"At the moment we are experiencing issues with the Proton VPN service":["Al momento abbiamo dei problemi con il servizio di Proton VPN"],"Learn more":["Scopri di più"]},"steps":{"Step":["Passaggio"]},"suggestions":{"Suggestions":["Suggerimenti"]},"Support":{"Sub category":["Sottocategoria","Sottocategorie"]},"Support article":{"${ readingTime } min":["${ readingTime } minuto","${ readingTime } minuti"],"Category":["Categoria","Categorie"],"Didn’t find what you were looking for?":["Non hai trovato quello che cercavi?"],"General contact":["Contatti generali"],"Get help":["Ottieni supporto"],"Legal contact":["Contatti legali"],"Media contact":["Contatti per la stampa"],"Partnerships contact":["Contatti per collaborazioni"],"Reading":["Lettura"]},"Support Form Platform option":{"VPN for Android TV":["VPN per Android TV"],"VPN for Chromebook":["VPN per Chromebook"]},"Support troubleshooting":{"App version":["Versione dell'app"],"Browser":["Browser"],"Check if this helps":["Verifica se questo ti è utile"],"Choose a product":["Scegli un prodotto"],"Did this solve your issue?":["Ha risolto il tuo problema?"],"Faster assistance is just a few clicks away":["Ottieni assistenza più velocemente con pochi clic"],"How can we help?":["Come possiamo aiutarti?"],"No, contact support":["No, contatta il supporto"],"Please fill out one field after another":["Compila un campo dopo l'altro"],"Please make your selections":["Fai la tua selezione"],"Proton account":["Account Proton"],"Proton for Business":["Proton for Business"],"Thank you for your feedback":["Grazie per il feedback"],"What can we help with?":["In cosa possiamo esserti di aiuto?"],"Yes":["Sì"]},"support_modal_search_query":{"Search query":["Query di ricerca"]},"support_search_button":{"Search":["Cerca"]},"support_search_i_am_looking_for":{"I'm looking for":["Sto cercando"]},"SupportForm":{"For a faster resolution, please report the issue from the Bridge app: Help > Report a problem.":["Per una risoluzione più rapida, segnala il problema dall'app Bridge: Aiuto > Segnala un problema."],"Information":["Informazioni"]},"SupportForm:option":{"Account Security":["Sicurezza dell'account"],"Contacts":["Contatti"],"Custom email domain":["Dominio email personalizzato"],"Email delivery and Spam":["Consegna delle email e spam"],"Encryption":["Crittografia"],"Login and password":["Login e password"],"Merge aliases and accounts":["Unione di alias e account"],"Migrate to Proton":["Migrazione a Proton"],"Notifications":["Notifiche"],"Other":["Altro"],"Plans and billing":["Piani e fatturazione"],"Proton for Business":["Proton for Business"],"Sign up":["Iscrizione"],"Storage":["Archiviazione"],"Users, addresses, and identities":["Utenti, indirizzi e identità"]},"SupportForm:optionIntro":{"Select a topic":["Seleziona un argomento"]},"swiss_baseed_feature":{"Swiss based":["Con sede in Svizzera"]},"Testimonial":{"Awards":["Premi"],"Customers":["Clienti"],"Featured":["In evidenza"],"Go to testimonial source":["Vai alle testimonianze"],"Open source of award":["Apri la fonte del premio"],"Open source of quote":["Apri la fonte della citazione"],"Reviews":["Recensioni"],"Videos":["Video"],"Watch on TikTok":["Guarda su TikTok"],"Watch on YouTube":["Guarda su YouTube"]},"TestimonialCategory":{"Awards":["Premi"],"Customers":["Clienti"],"Featured":["In evidenza"],"Media":["Media"],"Reviews":["Recensioni"],"Videos":["Video"]},"Text":{"If you need help, check out our ${ supportLink }.":["Se ti serve assistenza dai un’occhiata alla nostra ${ supportLink }."],"The page you’re looking for might have been removed, or it could be an\nold link.":["La pagina che stai cercando potrebbe essere stata rimossa, o il link potrebbe essere vecchio."],"Your question may already have an answer in our knowledge base:":["La risposta alla tua domanda potrebbe essere già disponibile nella nostra base di conoscenza:"]},"Tooltip":{"More information":["Ulteriori informazioni"]},"tooltip_vpn":{"Access blocked content and browse privately. Includes ${ TOTAL_VPN_SERVERS }+ servers in ${ TOTAL_VPN_COUNTRIES }+ countries, highest VPN speed, ${ TOTAL_VPN_CONNECTIONS } VPN connections, worldwide streaming services, malware and ad-blocker, and more.":["Accedi a contenuti bloccati e naviga in modalità privata. Include oltre ${ TOTAL_VPN_SERVERS } server in più di ${ TOTAL_VPN_COUNTRIES } Paesi, VPN ad altissima velocità, ${ TOTAL_VPN_CONNECTIONS } connessioni VPN, servizi di streaming in tutto il mondo, anti-malware, ad-blocker e altro ancora."]},"vpn_servers":{"Get Proton VPN Plus":["Scegli Proton VPN Plus"]},"wallet_signup_2024:Action":{"Get Proton Wallet":["Ottieni Proton Wallet"]},"wallet_signup_2024:Homepage hero product link title":{"Wallet":["Wallet"]},"wallet_signup_2024:Homepage product navigation bar":{"Wallet":["Wallet"]},"wallet_signup_2024:menu item":{"Bitcoin guide":["Guida Bitcoin"],"Proton Wallet news":["Novità di Proton Wallet"],"Proton Wallet support":["Supporto di Proton Wallet"]},"wallet_signup_2024:Pricing":{"Includes everything in Proton Unlimited and":["Include tutte le funzionalità di Proton Unlimited e"],"Limited availability":["Disponibilità limitata"],"The easiest way to securely own, send, and receive Bitcoin":["Il modo più semplice di possedere, inviare e ricevere Bitcoin in modo sicuro"]},"wallet_signup_2024:ProductRange":{"Discover Proton Wallet":["Scopri Proton Wallet"],"Store and transact Bitcoin privately with an encrypted self-custody wallet.":["Conserva ed esegui transazioni in Bitcoin in modo privato con un portafoglio a custodia autonoma crittografato."]},"wallet_signup_2024:wallet bitcoin":{"Learn about Bitcoin, the Internet's value network.":["Scopri il Bitcoin, la rete di valore di Internet."]},"wallet_signup_2024:wallet overview":{"Ensure you're always in control of your Bitcoin.":["Assicurati di avere sempre il controllo dei tuoi Bitcoin."]},"wallet_signup_2024:wallet security":{"The encrypted, open-source wallet that puts you in control.":["Il portafoglio crittografato e open source che ti dà il controllo."]}}},"base":"","cdn":{"url":"https://pmecdn.protonweb.com/","enabledForAssets":false,"enabledForImages":false},"unleashApi":"https://account.proton.me/api"};
window.frameworkContext = frameworkContext;
const context = frameworkContext.base === '' ? '' : `${frameworkContext.base}/`;
window.__toAssetUrl = (filename) => {
if (frameworkContext.cdn !== undefined && frameworkContext.cdn.enabledForAssets === true) {
return `${frameworkContext.cdn.url}${context}${filename}`;
} else {
return `/${context}${filename}`;
}
};
})();
As a company founded by scientists who met at CERN, we believe in peer review. That's why we support the independent security community to help us maintain the security of our systems and protect sensitive information from unauthorized disclosure. We encourage security researchers to contact us to report potential vulnerabilities identified in Proton products.
This policy specifies:
What systems and applications are in scope
What types of security research methods are covered
How to report potential security vulnerabilities to us
Our vulnerability disclosure philosophy and how long we will ask you to wait before publicly disclosing vulnerabilities
Proton will acknowledge receipt of reports that comply with vulnerability disclosure policy within five (5) business days. Upon receipt, we will endeavor to validate submissions, implement corrective actions (if appropriate), and inform researchers of the disposition of reported vulnerabilities with minimum delay.
If you make a good faith effort to comply with this policy during your security research, we will consider your research to be authorized per Proton’s legal safe harbor policy. We will work with you to understand and resolve the issue quickly and will not recommend or pursue legal action against you for any of your action(s) related to your research.
Test methods
Security researchers must not:
Test any system other than the systems set forth in the Scope section below
Disclose vulnerability information except as set forth in the Reporting a vulnerability and Disclosure sections below
Engage in physical testing of facilities or resources
Engage in social engineering
Send unsolicited electronic mail to Proton users, including “phishing” messages
Execute or attempt to execute “denial of service” or “resource exhaustion” attacks
Introduce malicious software in the systems of Proton or any third party
Perform tests that could degrade the operation of Proton systems or intentionally impair, disrupt, or disable SEC systems
Test third-party applications, websites, or services that integrate with or link to or from Proton systems
Delete, alter, share, retain, or destroy Proton data, or render Proton data inaccessible
Use an exploit to exfiltrate data, establish command line access, establish a persistent presence on Proton systems, or “pivot” to other Proton systems
Security researchers may:
View or store Proton nonpublic data only to the extent necessary to document the presence of a potential vulnerability
Security researchers must:
Cease testing and notify us immediately upon discovery of a vulnerability
Cease testing and notify us immediately upon discovery of an exposure of nonpublic data
Purge any stored nonpublic data upon reporting a vulnerability
Scope
The following systems and services are in scope:
Our website, proton.me
The account.proton.me web app
Proton Mail
The mail.proton.me web app
Proton Mail Android and iOS apps
api.protonmail.ch
Proton Drive
The drive.proton.me web app
Proton Drive Windows and Android apps
Proton Drive iOS/iPad app (in beta)
Proton Calendar
The calendar.proton.me web app
Proton Calendar iOS/iPad app (in beta)
SimpleLogin
Proton VPN
Our VPN website, protonvpn.com
account.protonvpn.com
api.protonvpn.ch
Proton VPN Windows, macOS, Linux, iOS/iPad, and Android apps
Proton Bridge for Windows, macOS, and GNU/Linux
Proton Pass
Proton Pass mobile applications (Android and iOS)
Proton Pass web extensions
Proton Wallet
The wallet.proton.me web app
Any services not explicitly listed above are excluded from the scope of this policy. For clarity, this includes, but is not limited to:
Spam
Social engineering techniques
Denial-of-service attacks
Content injection is out of scope unless you can clearly demonstrate a significant risk to Proton or its users
Executing scripts on sandboxed domains
Mobile app crash reports that are not reproducible on up-to-date OS versions or mobile devices released within the last two (2) calendar years
Security issues outside the scope of Proton Mail’s mission
Bugs that require exceedingly unlikely user interactions
WordPress bugs (please report those to WordPress)
Bugs on shop.proton.me (please report those to Shopify)
Bugs on proton.me/support/contact, protonmail.zendesk.com, support.protonmail.com, and help.protonmail.com (please report those to Zendesk)
Bugs on status.proton.me (please report those to Atlassian)
Proof of concepts that require physical access to the device
Out-of-date software — For a variety of reasons, we do not always run the most recent software versions, but we do run software that is fully patched
Flaws impacting out-of-date browsers
Bugs on partners.proton.me (please report those to TUNE)
Bugs on localize.proton.me (please report those to Discourse)
Reporting a vulnerability
Reports are accepted via electronic mail at security@proton.me. Acceptable message formats are plain text, rich text, and HTML. We encourage you to encrypt submissions using our PGP public key when submitting vulnerabilities.
We prefer reports that include proof-of-concept code demonstrating an exploitation of the vulnerability.
Reports should provide a detailed technical description of the steps required to reproduce the vulnerability, including a description of any tools needed to identify or exploit the vulnerability.
Images (e.g., screen captures) and other documents may be attached to reports. It is helpful to give attachments illustrative names.
We request that any scripts or exploit code be embedded into non-executable file types.
We can process all common file types and archives, including zip, 7zip, and gzip.
Researchers may submit reports anonymously or provide contact information, including how and when the Proton Security team should contact them. We may contact researchers to clarify aspects of the submitted report or gather other technical information.
By submitting a report to Proton, you affirm that the report and any attachments do not violate the intellectual property rights of any third party. You also grant Proton a non-exclusive, royalty-free, worldwide, perpetual license to use, reproduce, create derivative works, and publish the report and any attachments.
Disclosure
Proton is committed to the timely correction of vulnerabilities. We will work diligently to resolve any issues that put our community at risk. We ask all researchers to bear with us as we examine the reports you submit to us, as the public disclosure of a vulnerability in the absence of a readily-available corrective action likely increases rather than decreases our community’s security risk.
Accordingly, we require that you refrain from sharing information about discovered vulnerabilities for 120 calendar days after you have received our acknowledgement of receipt of your report. If you believe others should be informed of the vulnerability prior to our implementation of corrective actions, you must coordinate in advance with the Proton Security team.
We may share vulnerability reports with affected vendors. We will not share the names or contact data of security researchers unless given explicit permission.
Questions?
Questions regarding this policy may be sent to security@proton.me. Proton encourages security researchers to contact us for clarification on any element of this policy.
Please contact us if you are unsure if a specific test method is inconsistent with or unaddressed by this policy before you begin testing. We also invite security researchers to contact us with suggestions for improving this policy.