Software Security

Talentpay believes the security of its systems and software is of paramount importance. Whilst we strive to ensure our products and services are defect-free we also recognise the efforts of independent security researchers in helping to remedy potential defects in their implementation. We therefore would also encourage this community to utilise the responsible reporting process as defined below.

 

Our Commitment

  • All genuine reports will be investigated immediately
  • We will make all efforts to rectify any vulnerability as soon as possible
  • We commit that we will not take legal action against the reporter or ask for law enforcement investigation if the guidelines below adhered to
  • We will attempt to respond to any legitimate report within 1-2 business days.
  • Provide all details of the vulnerability, including any information required to reproduce
  • Make every effort to avoid privacy violations, destruction of Talentpay’s data and/or interruption of Talentpay’s services
  • Do not modify or access data that does not belong to you
  • Please allow reasonable time for dialogue and for Talentpay to correct the issue before making any information public

 

How to Report

If you believe you have found a vulnerability in one of our products or services then please send an email to This email address is being protected from spambots. You need JavaScript enabled to view it.. When contacting us please provide the following information:

  • Your name
  • Company information
  • Contact details
  • Your public PGP key

 

When contacting us please encrypt all information related to the report with our public PGP key which can be downloaded here:

Talentpay’s PGP Key