Responsible Disclosure
Our goal is to ensure maximum security of our systems and products. Nevertheless, on rare occasions it may happen that you discover a weakness in one of our systems or products. If so, please report it to us so that we can take steps to resolve the issue as soon as possible. We are eager to work with you to better protect our and our clients’ systems.
How can you help us?
- Email us with your findings at responsible-disclosure@technolution.nl.
- Please provide all the information needed to locate the vulnerability. Usually, the IP address and the URL of the system concerned will suffice, but please include any additional details if necessary.
- Please do not abuse the situation by unduly accessing, downloading, changing or deleting any data which may be confidential.
- Please do not share your discovery with others until the vulnerability has been resolved. Once this has happened, please delete any confidential data that you may have acquired.
- Please do not attack physical security and do not use social engineering or hacking tools.
What will we do if you report an issue?
- We will respond to your report within three working days, and will indicate at that time how long we think it will take before the issue is resolved.
- We will treat your report and your personal details confidentially. We may have to make an exception to this if the situation requires the intervention of the police or the public prosecutor.
- If you follow the guidelines described above, we will not take legal steps against you.
- We will keep you informed of progress as we resolve the issue.
- If you wish, we will mention that you discovered the vulnerability in any external communication on the issue. We would appreciate it if you could involve us in any external communication you are planning, which would obviously have to be after the issue has been resolved.