At Embrace The Human Cloud, we believe that the security of our systems is very important. Despite our concern for our systems’ security, weak spots might still possibly exist. If you discover such a weak spot in one of our systems, please let us know so we can take action as soon as possible. We would like to work with you to enhance the protection of our customers and our systems.
We ask you to:
- Inform us of your finding using the following URL.
- Refrain from abusing the issue by, for instance, downloading more data than is necessary to demonstrate the leak; or to view, delete or alter third-party data.
- Refrain from sharing the issue with others until it has been resolved, and to delete all confidential data obtained through the leak immediately after it has been resolved.
- Refrain from using attacks on physical security, social engineering, distributed denial of service, spam or third party applications, and
- Provide sufficient information to reproduce the issue, so that we can resolve this as swiftly as possible. Although the IP address or URL of the affected system and a description of the vulnerability is usually sufficient, more complex vulnerabilities may require further information.
What we promise:
- We will respond to your report within five days, with our assessment of the report and an expected resolution date.
- If you have complied with the above conditions, we will not take legal action against you regarding the report.
- We will treat your report confidentially, and we will not share your personal information with third parties without your permission, unless this is necessary to comply with a legal obligation. Reporting can be performed using a pseudonym.
- We will keep you informed on the progress in resolving the issue.
- If you wish, we will include your name as the party identifying the issue in the reporting, and-
- We endeavour to resolve all issues as swiftly as possible, and are happy to be involved in any publication concerning the issue once it has been resolved.