Security

Responsible disclosure

At Prepr we are committed to maintaining the security of our systems and data. We believe that good security is crucial to the trust of our customers. As such we strive to continuously improve our security and welcome you to help us in this perspective.

If you have found a weak spot in one of our systems, we would like to hear about this from you directly, so necessary measures can be takens as quickly as possible. In order to enhance system security responsibility, we kindly draw your attention to the following.

We ask you kindly:

  • to email your findings to support@prepr.io
  • to provide us with sufficient information to reproduce the problem, so that our team can address it as quickly as possible. The IP address or the URL of the system or API affected and a description of the findings are usually sufficient..
  • to leave you contact details, so if we have any questions we can contact you.
  • to report your findings as quickly as possible after its discovery.
  • not to share any information on the findings with any other party than designated persons at Prepr.
  • to handle the knowledge on the findings with care by not performing any acts other than those necessary to reveal the findings.

We expect you not to:
  • install malware.
  • copy, change, or delete data in a system.
  • make changes to code or records.
  • repeatedly access the system or share access with others than designated persons at Prepr.
  • use so-called “brute force” to access systems.
  • use denial-of-service or social engineering to access systems.
  • use any software to automatically check for potential leaks in our systems.
  • perform any action that might potentially have a disruptive effect on our systems.

What can you expect:
  • Prepr does not share your personal details with third parties without your permission, unless this is mandatory by any law or regulation.
  • Only after mutual consultation, your name can be mentioned as the person who made the findings.
  • Prepr will send you a confirmation of receipt as soon as reasonably possible (at most 2 weeks, depending on the seriousness of the findings).
  • Prepr offers a reward as thanks for help. Depending on the seriousness of the findings and the quality of the report, the reward can vary from a merchandise T-shirt up to to a maximum EUR 100 in gift vouchers. It must at least concern a serious finding that is unknown to our team and. (With a maximum of EUR 250 per person/organisation). Please note that it is not allowed to use any software tools to check for potential leaks.

Subscribe to our newsletter

The latest updates and articles to learn more about content management.

Location

Jaarbeurs Innovation Mile (JIM)

Jaarbeursplein 6

3521 AL Utrecht, The Netherlands

Phone +31 (0)30 227 17 10

KvK 54506034 • BTW NL851332390B01

© 2021 Prepr. All rights reserved.