Acting as the researchers we may discover vulnerabilities in the systems of third parties. In this case we take all measures to notify the affected third party according to the vulnerability disclosure policy found on that party's website. If the party does not have a vulnerability disclosure policy, we use every proper method of communication that could be found.
If we do not receive a response from party within 90 days, we reserve the right to publicly disclose the information in a limited format that does not contain any data that would enable other parties to exploit the vulnerability.
Meantime, receiving the response, we will not disclose any information without the permission of the party. Exceptions to this may occur in case of law enforcement demands or legal proceedings.
Threat management and service products
All sensitive data collected during service operations is secured and couldn’t be disclosed without owner’s authorization. Client data privacy is our core value.
All the services including Smart Business Alarm, DLP-as-a-Service, Penetration testing and Audit are operating in a securely manner.
We do not provide any customer’s data to any 3rd parties and do not store it after the end of contracted period.
The detailed terms are listed in the agreements.