At Bitvavo, we are committed to ensuring the security of our information, systems, and services, and we value the role of security researchers in helping us mitigate cybersecurity risks. The purpose of this page (the “Vulnerability Disclosure Program”) is to provide you with all the information you need if you have discovered or believe to have discovered a potential vulnerability in any of our services.
We are committed to ensuring our security is top tier and really appreciate the help of our community to achieve this. To make sure that any disclosures are made responsibly please ensure you follow the terms below:
All submissions should be made through the Intigriti platform, you will need to register on the platform by using the link at the bottom of this page.
The scope of testing is limited to systems, applications, and services explicitly listed in the Intigriti platform.
All rewards will be in the form of Intigriti reputation points and managed by Intigriti in accordance with their terms and conditions. More information can be found here - https://kb.intigriti.com/en/articles/3379630-leaderboard-reputation-and-streak.
We request that you refrain from sharing any details regarding a vulnerability with others until we indicate that it has been resolved and may be disclosed.
We request that you refrain from sharing any details regarding a vulnerability with others until we indicate that it has been resolved and may be disclosed. We reserve our right to take legal action if this is not followed.
If you do discover a vulnerability and come into possession of personal data about Bitvavo customers or employees you must ensure this is redacted as soon as you have made the disclosure through the form below.
None of the research you have undertaken when reporting a vulnerability should have been obtained by unlawful means.
We appreciate the efforts of the security community to help us protect our platform and our customers. Thank you for contributing responsibly to Bitvavo’s security.
Bitvavo reserves the right to modify or terminate this policy at any time.
Once validated by Intigriti you will receive Intigriti reputation points as mentioned on this page: https://kb.intigriti.com/en/articles/3379630-leaderboard-reputation-and-streak
Duplicate or previously known vulnerabilities will not be eligible for reward.
Bitvavo B.V.
Le trading de cryptomonnaies comporte des risques importants. Les cryptomonnaies sont très volatiles et vous pourriez perdre une partie ou l’intégralité de votre investissement. Les informations figurant sur cette page ne constituent pas des conseils et ne doivent pas être considérées comme telles. Bitvavo B.V. est autorisé en tant que prestataire de services sur crypto-actifs en vertu du Règlement (UE) 2023/1114 (MiCA) par l’Autoriteit Financiële Markten (AFM), Vijzelgracht 50, 1017 HS Amsterdam. Pour plus d’informations, consultez notre Divulgation des risques.
Bitvavo est enregistré auprès de la Chambre de commerce néerlandaise sous le numéro 68743424.