Responsible Disclosure
Bee Duux For example, the security of our systems is very important to us. Despite our concern for the security of our systems, it is possible that there is still a weak spot.
If you have found a weak spot in one of our systems, please let us know so that we can take measures as soon as possible. We would like to work with you to better protect our customers and our systems.
We ask you:
- Email your findings to [email protected].
- Not to exploit the problem by, for example, downloading more data than is necessary to demonstrate the leak or viewing, deleting or modifying data from third parties,
- Do not share the problem with others until it is resolved and delete all confidential data obtained through the leak immediately after the leak has been patched,
- Not to use attacks on physical security, social engineering, distributed denial of service, spam or third-party applications, and
- Provide enough information to reproduce the problem so that we can resolve it as quickly as possible. Usually, the IP address or URL of the affected system and a description of the vulnerability is sufficient, but more complex vulnerabilities may require more.
What we promise:
- We acknowledge receipt of your report,
- If you have complied with the above conditions, we will not take any legal action against you regarding the report,
- We treat your report confidentially and will not share your personal data with third parties without your permission, unless this is necessary to comply with a legal obligation. Reporting under a pseudonym is possible,
- In any coverage of the reported problem, we will, if you wish, include your name as the discoverer
We strive to solve all problems as quickly as possible and we would like to be involved in any publication about the problem after it has been resolved.