Vulnerability Disclosure Policy

We actively endorse and support working with the research and security practitioner community to improve our online security. We have developed this vulnerability policy to reflect our company values and to uphold our legal responsibility to good-faith security researchers that are providing us with their expertise.

We welcome investigative work into security vulnerabilities, carried out by well intentioned and ethical security researchers. We are committed to:

  • Investigating and resolving security issues in our platform and services thoroughly
  • Working in collaboration with the security community
  • Responding promptly and actively

This vulnerability disclosure policy applies to any vulnerabilities you are considering reporting qiio. We recommend reading this vulnerability disclosure policy fully before you report a vulnerability and always acting in compliance with it. We value those who take the time and effort to report security vulnerabilities according to this policy. However, we do not offer monetary rewards for vulnerability disclosures.

Please note that this page does not provide any form of indemnity for any actions if they are either in breach of the law or of this policy. It does not provide an indemnity from qiio or any third party.

Download qiio’s Vulnerability Disclosure Policy in PDF format.