Responsible Disclosure
At Data eXcellence, the security of our systems is very important to us. Despite our care for the security of our systems, it may happen that there is still a weak spot.
If you have found a weak spot in one of our systems we would like to hear about it so we can take action as soon as possible. We would like to work with you to better protect our customers and our systems.
We ask you:
- Email your findings to security@dataexcellence.nl.
- Do not abuse the problem by, for example, downloading more data than necessary to demonstrate the leak or accessing, deleting or modifying third-party data.
- Not sharing the problem with others until it is fixed and deleting all confidential data obtained through the leak immediately after fixing the leak,
- Not use physical security attacks, social engineering, distributed denial of service, spam or third-party applications.
- Provide sufficient information to reproduce the problem so that we can fix it as soon as possible. Usually the IP address or URL of the affected system and a description of the vulnerability is sufficient, but more may be required for more complex vulnerabilities.
What we promise:
- We will respond to your report within 3 days with our assessment of the report and an expected date for a resolution
- If you have complied with the above conditions, we will not take any legal action against you regarding the report.
- We will treat your report confidentially and will not share your personal data with third parties without your consent unless necessary to comply with a legal obligation. Reporting under a pseudonym is possible.
- We will keep you informed of the progress in resolving the problem.
- In notifications about the reported problem, we will, if you so wish, mention your name as the discoverer.
- We strive to solve all problems as soon as possible and we are happy to be involved in any publication about the problem after it has been solved.
This text is based on the sample text on http://responsibledisclosure.nl/ by Floor Terra.