Safety of our systems is a very important issue at Jaarbeurs. Despite our efforts and investments in the security of our websites and systems, it may occur that there is a weak spot.
If you come across a vulnerability of our website or our system let us know as soon as possible, so we can solve the issue. We always take reports seriously and will investigate any potential security problem.
Please note that this responsible disclosure is not an invitation to extensively check and test the website and systems for vulnerabilities: this is done by us regularly.
What do we ask of you?
- To e-mail your report to firstname.lastname@example.org and share the details of your findings confidentially through our file transfer setting to make sure the information does not end up in the wrong hands;
- To include your contact information (e-mail address and phone number) so that we can contact you for easy cooperation;
- To include adequate information to trace and/or reproduce the issue. Usually, the IP-address or URL of the affected system, plus a description of the vulnerability are sufficient. In case of more complex issues, additional information may be needed;
- Not to misuse the issue by, for example, downloading more data than is strictly necessary to prove the weak spot and not copy, modify or delete data from the system;
- Not to execute attacks on our physical security, social engineering, denial of service, spam or applications of third parties;
- Not to share the problem with others until it is resolved and delete all confidential data immediately after the problem has been resolved.
What can you expect of us?
- We will respond on your report as soon as possible and give an expected date for a solution;
- We will process your report confidentially. We will not share your personal data with third parties, unless necessary to meet legal requirements. Reporting under a pseudonym is possible;
- We will inform you further if we are planning to communicate about the problem externally;
- We strive to solve any issues as quickly as possible and we ask you to inform us about any publications about the problem after it is solved.
Mind the law
If you comply to the conditions above, we do not have to take any legal action. But we cannot promise that you won’t be prosecuted if you commit criminal offences in your investigation. Make sure you do not engage in criminal activities that we need to report to the authority.