Reporting vulnerabilities
We take our responsibilities very seriously.
As an information system provider and processor of personally sensitive data, Centagon has a strict policy on 'Responsible Disclosure'.
MAKING A REPORT
As part of the General Data Protection Regulation (AVG), Centagon offers the opportunity to report data breaches and/or vulnerabilities via this page. A report can be sent via this form. Centagon has reserved capacity to respond adequately to reports. The reporter will immediately receive a confirmation of receipt by e-mail. As soon as possible thereafter, within one working day at the latest, the reporter will be contacted about the further process.
The process
In consultation with the reporter, Centagon will determine whether or not a report will be disclosed and the period in which any disclosure will take place. In consultation, it may also be decided to inform a wider ICT community about the reported vulnerabilities. Centagon will continue to actively inform the reporter about the progress of the process.
Anonymity
There may be reasons why a reporter prefers not to disclose their name and contact details. Centagon respects that choice and will process the report with the same attention and according to the same procedure. Naturally, the confirmation of receipt and mutual coordination of the further process will thereby be dropped.
Hartelijk dank voor uw melding. Wij maken een inhoudelijke inventarisatie van uw melding en nemen binnen één (werk-)dag contact met u op met betrekking tot het verdere proces.
Centagon Security Office
