Responsible Disclosure Policy 

​At Underlined we consider the security of our systems very important. Despite our concern for the security of our systems, it is possible that there is a weak spot. If you have found a weak spot in one of our systems, we would like to hear about it. We can then take measures as quickly as possible. We would like to work with you to better protect our systems.

1. If you notice a possible weak spot in the systems of Underlined, we ask you to email your findings to security@underlined.nl by means of a detailed explanation of the weak spot.

2. Describe the issue found in as much detail as possible. Your report will be handled by specialists; you can use technical jargon where necessary or desired. We ask you not to abuse the weak spot by, for example, downloading more data than is necessary to demonstrate the leak or to view, delete or modify data from third parties.

3. You can choose to add your contact details (name, e-mail address and telephone number) or you can make the report anonymously.

4. A team of security experts will investigate your report and provide an initial response within 10 working days. In the meantime, don’t make the problem public, talk to our experts, and give them time to solve the problem. We will let you know what we think of your report, whether we will implement a solution and when we will do so.

 

When investigating the vulnerability you found, you may be committing criminal acts. If you have acted in good faith, carefully and in accordance with the rules set out below, Underlined has no reason to report. Therefore, please adhere to the following rules when conducting research.

Rules when conducting research:

  • Make sure that you do not cause any damage with the found vulnerability. Under no circumstances may your actions lead to an intentional interruption of the service or to the disclosure of the Underlined data or its relations/customers.
  • Do not use social engineering to gain access to a system.
  • Do not place a backdoor in an information system and then use it to demonstrate the vulnerability, as this can cause additional damage and lead to unnecessary security risks.
  • Make minimal use of a vulnerability, only do what is necessary to determine the vulnerability.
  • Do not change or remove any data from the system and be as restrained as possible in copying data (if one record is enough to show the problem, do not proceed).
  • Do not make any system changes.
  • Do not repeatedly attempt to access the system and do not share access with others.
  • Do not use brute force to gain access to systems. After all, there is no question of a vulnerability, but only of repeatedly trying passwords.

The hotline is not intended for:

  • Submitting complaints about the service.
  • Making fraud reports and/or suspected fraud reports of fake e-mails or phishing e-mails.
  • Report viruses.
  • Submitting complaints or questions about the availability of the website.

Your privacy

To follow up on the report, you can choose to provide us with your contact details (name, e-mail, and telephone number). We will not disclose your identity to third parties without your consent or use your data for purposes other than to provide appropriate follow-up to your report, unless there is a legal obligation to do so, for example in the event of a claim by the judiciary. We handle your personal data according to the guidelines as described in our privacy statement.

Other conditions 

With regard to internet security and privacy, Dutch legislation applies. We can only accept reports that have been drawn up in Dutch or English. This responsible disclosure regulation has been established based on the guidelines of the National Cyber Security Center.

ROCX’R

ROCX’R - Giving smart and detailed real-time insights

Integrations

Integrating your system with ROCX'R? Find out more!

Take the tour

Book a introduction tour for the most complete solution in CX

Case studies
Customer success stories

Partner program

Find out more about the Underlined CX partner program

Partner overview

Check out our partners and find out how we work together

Become a partner

Want to become a partner? Join our partner program here!

Publications
Learn about CX and technology

Publications

Learn everything you need to know about CX and technology

Webinars & events

Check out our webinars and events selected for CX growth

Case studies

Customer success stories for building data driven customer experience

cx-improvements

Webinar
with Forrester’s leading expert on CX measurement

Vision on CX

Our Vision on CX - CX metrics in motion with business results

Services

Discover our services that help you improve customer happiness

Who we are

Who we are! A quick guide to how we approach customer experience

The team

Giving companies the power to optimize every conversion

Get in touch

Get in touch to start your journey

Vacancies
Strengthen our team of enthusiastic data-passioned colleagues

Working@underlined

Working@Underlined - Check out our vacancies and join our team

Vacancies

Strengthen our team of enthusiastic data-passioned colleagues

Meet the team
Giving companies the power to optimize every conversion