Rules for reporting vulnerabilities and bugs
We make every effort to ensure the security of our own websites, platforms and IT infrastructure components. Nevertheless, it may happen that you discover a vulnerability or bug in our systems. In such a case, we ask you to handle the vulnerability responsibly and inform us so that we can fix it.
The following rules must be observed when reporting vulnerabilities and bugs:
- We do not pay you any bonuses for reported vulnerabilities.
- You may only make vulnerabilities public in consultation with BUSINESS UNICORNS GmbH.
- Please comply with applicable law and avoid damaging or compromising the data of BUSINESS UNICORNS GmbH and/or its customers. Do not exploit any confirmed vulnerabilities.
- Do not include any information in vulnerability reports, including any attachments, that could identify an individual (e.g. name, contact details).
- To enable vulnerability reports to be processed as quickly as possible, please ensure that you describe in detail the steps required to rectify the vulnerability.
Legal conditions
By submitting vulnerabilities and/or suggested solutions (hereinafter referred to as "Feedback") to BUSINESS UNICORNS GmbH
- you agree to prevent harm to BUSINESS UNICORNS GmbH and/or its customers and therefore agree not to disclose any information until a fix and/or patch has been provided by BUSINESS UNICORNS GmbH; and
- you agree that BUSINESS UNICORNS GmbH may use this feedback to update and/or improve its websites, platforms and IT infrastructure components used; and
- you agree that BUSINESS UNICORNS GmbH may use your feedback for any purpose without restriction or compensation of any kind in relation to you and/or your representative.