Data security is a top priority for BVNK, and BVNK works with skilled security researchers to identify weaknesses in any technology. If you believe you’ve found a security vulnerability in BVNK's service and want to notify us in goodwill, we will work with you to resolve the issue promptly.
Disclosure
If you believe you’ve discovered a potential vulnerability, please let us know by emailing us at itsecurity@bvnk.com. Should your findings or submissions be found as valid and unknown to us, then we will acknowledge your email submissions within 1 (one) week. Please provide us with a reasonable amount of time to resolve the issue before disclosing it to the public or any other party. We aim to resolve issues that we deem to be “critical” within ten (10) business days of disclosure. You will preserve the confidentiality and integrity of any BVNK data, agreeing to:
- not defraud BVNK and/or its customers in the research;
- not profit from or allow any other party to profit from research; and
- report vulnerabilities with no conditions, demands, or ransom threats to BVNK.
While researching, you must refrain from:
- Denial-of-Service
- Spamming
- Social engineering or phishing of BVNK employees or contractors
- Any attacks against BVNK's physical property or data centers
This policy applies to the BVNK Application hosted at app.bvnk.com and to any other subdomains or services associated with the BVNK.