By clicking “Accept”, you agree to the storing of cookies on your device to enhance site navigation, analyze site usage, and assist in our marketing efforts. You can adjust your preferences.
Accept
Cookie Preferences
Venue login
English
English
Nederlands
Deutsch
Français
Español
Security
Responsible Disclosure

Responsible Disclosure

At Aqqo, we prioritize the security of our systems. Despite our continuous efforts to maintain system security, vulnerabilities might occasionally arise. If you've identified a vulnerability in one of our systems, please notify us immediately so we can address the issue promptly. We value collaboration and aim to work together to better protect our customers and our infrastructure.

Responsible Disclosure Policy

If you’ve discovered a potential security issue in our systems, we kindly ask you to follow the steps below to report it safely and discreetly. By doing so, you help us protect our users, improve our services, and maintain trust across our platform.

Please take a moment to review the following guidelines before submitting your findings:

  • To email your findings to responsibledisclosure@aqqo.com. Please encrypt your findings using our PGP key to ensure that the information doesn't fall into the wrong hands.
  • Not to exploit the vulnerability beyond what's required to demonstrate it, such as downloading more data than necessary, or accessing, deleting, or modifying third-party data.
  • To refrain from sharing the details with others until it's resolved, and to erase all confidential data obtained through the vulnerability immediately after the issue is fixed.
  • To avoid using physical security attacks, social engineering, distributed denial of service, spam, or third-party applications.
  • To provide sufficient details to replicate the issue, enabling us to address it promptly. Typically, the IP address or URL of the affected system and a description of the vulnerability suffice, but more intricate vulnerabilities might require additional information.

Our Commitment

  • We will acknowledge your report within 3 days, providing an assessment and an expected resolution date.
  • If you've adhered to the guidelines above, we will not pursue legal actions concerning your report.
  • We'll handle your report with confidentiality and won't share your personal details without your consent unless legally obligated. Reporting under a pseudonym is acceptable.
  • We'll keep you updated on the progress of the issue's resolution. If desired, we can credit you as the discoverer in any related communications.
  • As a token of gratitude for your assistance, we offer rewards for every valid report of a previously unknown security issue. The reward's magnitude is determined based on the severity of the vulnerability and the quality of the report, starting with a voucher worth €25.

We aim to address all
issues as swiftly as possible

Additionally, we appreciate being included in any potential publication regarding the vulnerability after its resolution.

Contact us at responsibledisclosure@aqqo.com if you have any questions regarding our policy.

Get started
with
Aqqo today
Discover why Aqqo has been trusted by 2.000+ venues
Start free trial
Contact sales