Responsible
Disclosure Policy
At Tools4ever, the security of our systems is very important to us. Despite our efforts to secure our systems, a weakness may still be present.
If you have discovered a weakness in one of our systems, we welcome your report so we can take action as quickly as possible. We would like to work with you to better protect our customers and our systems.
We ask that you:
Email your findings to [email protected].
Do not exploit the issue by, for example, downloading more data than necessary to demonstrate the vulnerability, or viewing, deleting, or modifying third-party data,
Do not share the issue with others until it has been resolved, and delete any confidential data obtained through the vulnerability immediately after the vulnerability has been fixed,
Do not conduct attacks on physical security, social engineering, distributed denial of service, spam, or third-party applications, and
Provide sufficient information to reproduce the problem so we can resolve it as quickly as possible. Usually the IP address or URL of the affected system and a description of the vulnerability are sufficient, but for more complex vulnerabilities more may be required.
What we promise:
We will respond within 3 days to your report with our assessment of the report and an expected date for a fix,
If you have complied with the above conditions, we will not take legal action against you regarding the report,
We will treat your report confidentially and will not share your personal information with third parties without your consent unless necessary to comply with a legal obligation. Reporting under a pseudonym is possible,
We will keep you informed of the progress in resolving the issue,
In communications about the reported issue, we will, if you wish, credit you as the discoverer, and
We aim to resolve all issues as quickly as possible, and we would like to be involved in any publication about the issue after it has been resolved.