Responsible disclosure
We welcome the opportunity to work with you to protect all our activities for our customers and ourselves. At Hipex, safety has our top priority.
Despite our constant concern to detect security issues, it is still possible that a vulnerability has arisen. If you notice a weak spot, please let us know. We are resourceful enough to find solutions as quickly as possible and tackle the problem efficiently.
We ask this of you:
- Please email your findings to security (at) hipex.io. We want to get enough information to reproduce and solve the problem.
- Please do not collect more data than strictly necessary to demonstrate the security problem to us.
- Please do not share information about the vulnerability with others.
- Please do not misuse the data obtained. Whether you view, delete or modify data (in the system).
- We expect you to clear all obtained data immediately after closing the leak.
This is our promise to you:
- We treat your report and correspondence with integrity and confidentiality.
- We do not share your personal information with third parties without permission, unless it is necessary to comply with our legal obligations.
- We will respond to your report within three office days, share our insights into the report and keep you informed of the progress in resolving the problem.
- Hipex does not have a bug bounty program.