联系我们
Responsible Disclosure
Although we always endeavor to ensure the security of our products and services, it may still happen that security vulnerabilities occur. The exploitation or abuse of such security vulnerabilities is illegal.
To ensure that identified security vulnerabilities are not exploited by attackers, the German Federal Office for Information Security (BSI) recommends the application of the principle of “Responsible Disclosure”. This principle promotes a coordinated and trusting relationship between the discoverer of the security vulnerability and the affected manufacturer or service provider.
A person or organization discovering a security vulnerability should follow these steps for responsible disclosure:
- Report a security vulnerability to GÖPEL electronic by filling out the online form and providing as much information about the security vulnerability as possible.
- Do not exploit the vulnerability, for example by spying on or modifying third-party data or by intentionally impairing the availability of the service.
- All activities related to the discovery of the vulnerability must be in accordance with applicable law.
- Do not inform any third parties about the vulnerability. GÖPEL electronic will coordinate all communication regarding the vulnerability.
- If the above conditions are met, GÖPEL electronic will not take legal action against the reporter.
- GÖPEL electronic will keep the reporter informed of the measures taken and the progress made in rectifying the security vulnerability.
- Depending on the criticality of the security vulnerability and the quality of the report, GÖPEL electronic will acknowledge the discovery of the security vulnerability and publicly recognize the reporter. We will name you as the discoverer of the problem unless you request otherwise.