We at RiskGovernor.nl value the security of our systems and the data of our users.
Despite our efforts to maintain high security standards, vulnerabilities can still exist.
If you discover a security issue, we ask you to inform us responsibly, so we can take immediate action.
🔐 Reporting a Vulnerability
If you find a vulnerability or security weakness in any of our systems, please report it to:
Email: security@riskgovernor.nl
PGP key: https://riskgovernor.nl/pgp-key.txt
Fingerprint: A6E6 4591 B5D8 6451 0B9A 8780 17FC F6BA D62C 829F
Please include:
- A clear description of the vulnerability, including steps to reproduce it.
- The IP address, URL, or system involved.
- Any relevant screenshots or technical details.
If possible, encrypt your message with our PGP key.
🤝 What We Promise
- We will acknowledge receipt of your report within 5 working days.
- We will not take legal action if you act in good faith, follow these guidelines, and do not abuse the vulnerability.
- We will handle your report confidentially, and will not share personal data without your consent.
- We will keep you informed about the progress and fix status.
- If you are the first to report a valid vulnerability, we will mention you (with consent) on our Acknowledgments page.
⚙️ Responsible Conduct
Please:
- Do not exploit or abuse the vulnerability.
- Do not copy, modify, or delete data.
- Do not access more data than necessary to demonstrate the issue.
- Do not share details publicly until the issue is fixed.
- Do not perform attacks on physical security, social engineering, spam, or denial of service.
🕒 Scope
This policy applies to:
- All web applications under the domain
*.riskgovernor.nl - Associated APIs and public interfaces
📄 Legal Note / Juridische Opmerking
This responsible disclosure policy follows the NCSC Netherlands guidelines.
By reporting responsibly, you help us improve security and protect all users of our platform.
Thank you for your contribution to a safer internet!
The RiskGovernor Security Team