In this policy, references to "MarketFinance", "us", "we" and "our" mean MarketFinance Limited, a company incorporated and registered in England and Wales, with registered company number 07330525 and with a registered address at 48-50 Scrutton Street, London, England, EC2A 4XQ.
MarketFinance takes the protection and privacy of our customers' data very seriously, and it is our highest priority. We, therefore, take the security of our systems extremely seriously, and we genuinely value the assistance of the security community in assisting us to keep all of our systems safe and secure. We therefore operate a responsible disclosure policy to allow you to quickly and effectively raise security concerns with the person who can address them.
If you believe you have identified a vulnerability, please read through the submission terms below and contact us. The terms below apply to any website, application or service distributed by or hosted by MarketFinance, or served under a domain owned by MarketFinance.
You can use our email address to alert us to:
We ask that you act responsibly and in the best interests of MarketFinance and our customers at all times.
If you believe you've found a security vulnerability in one of our products or platforms, please report it by emailing our security team. By emailing or providing a disclosure to us, you agree to our Terms and Conditions and that we can use your submission and its contents to ensure the security, integrity and reliable operation of our technology and business.
Your submission should contain:
We ask that you do not share or publicise an unresolved vulnerability with/to third parties. If you responsibly submit a vulnerability report, we will make reasonable efforts to respond quickly.
We do not offer any financial rewards for submissions, but we are happy to thank every individual researcher who submits a vulnerability report that helps us improve our overall security. We will not name anyone without their prior consent.
We are actively working to put a bug bounty program in place which will facilitate and regulate financial rewards for disclosures, but at this time, we cannot provide any monetary rewards.
Anyone can report an information security issue using our dedicated email address: firstname.lastname@example.org