Who we are
TOP skilled security professionals over the globe are connected to support companies on GDPR A.32 Ready, Crowd Penetration-Testing, Bug Bounty and Employment. Give at minimum 300% more protection on your digital properties.Our website address is: https://findbug.io.
THE INFORMATION WE COLLECT
We collect some information from you when you create an account so that you can use the Services.
We also collect some information to make sure FindBUG works properly and to improve user experience. This may include using Your Information for analytical purposes.
Below is a more detailed explanation of the information we collect and use.
1.1. Information We Collect From You
Whether you are a Customer or a Hacker, when you create an account with FindBUG, you are required to provide us with profile information, including your name, company name (if applicable), username, password, and email address. FindBUG stores this information to help identify you when you log in.
Once you’ve registered with FindBUG, you create a user profile. Your profile information includes your name (if you choose to provide it), chosen user name, company name (if applicable), and if you choose, a profile photo, your location, and any other information you choose to include in the “Profile” field. We may display your profile information on our site where other users of FindBUG and visitors to our web site will be able to see that information.
If you are a Customer, in addition to your profile information, you may provide us with financial information, including your credit card or debit card information, or your banking information, in order to assist us in awarding Bounties, collecting Bounty Deposits, or collecting FindBUG Fees.
If you are a Hacker, in addition to your profile information, you may need to provide us with other personally identifying information necessary for background and fraud checking purposes where required. This includes your date of birth, nationality, current and previous addresses, your social security number (or tax identification number), and for bounty award purposes, your banking, Coinbase, or PayPal information in order to allow us to pay you monetary Bounty awards from Customers. In addition, in order that we can award any “swag” where available, we may ask for information such as a mailing address, telephone number, and t-shirt size.
1.2. Information We Automatically Collect
We receive some information automatically when you visit FindBUG. This includes information about the device, browser, and operating system you use when accessing our site and Services, your IP address, the website that referred you to FindBUG, which pages you request and visit, and the date and time of each request you make to FindBUG. If you visit FindBUG when you are logged into your account, we also collect the user identification number we assign you when you open your account.
- Strictly necessary cookies
When you log in to your account, FindBUG will place cookie(s) for the purpose of creating the session, knowing when you’re logged in, and recognizing you as the same authenticated user across accounts. These cookie(s) contain an encrypted user identifier.
- Functionality cookies
We use functionality cookies to recall information you provide, the choices you make, or the settings you select to optimize features for you across the Services or to remember changes you have made to customize the Service to you.
- Analytic cookies
HOW WE USE YOUR INFORMATION
We may use Your Information when needed to provide and keep the site and Services running and prevent abuse. Your Information is used internally in this respect, to provide our Services under our Terms with you, for the purpose of our legitimate business interests, to comply with our legal obligations or with your consent. In particular, we use your information:
- to allow us in our legitimate interest, to support, sign-in and verify access by registered users;
- to establish and administer commercial relationships and transactions under our General Terms and Conditions;
- to send you marketing communications, including via email and SMS in compliance with applicable laws and in accordance with your preferences, that we believe may be of interest to you;
- to contact you about your account or reply to any communications you send us;
- to troubleshoot, in our legitimate interest, any problems with your account or the Services;
- to review and enforce compliance with our General Terms and Conditions and guidelines and policies; and
- to analyze the use of FindBUG in order to understand how we can improve our content and services.
In addition, we employ other companies and people to perform tasks on our behalf in supporting the Services. This includes but is not limited to, providers of hosting, payment processing, document and content management tools, providers of software and services that allow integration with other of our systems such as for verification, ticketing, and escalation purposes, and providers of analytic data services. We may share Your Information with them as needed to provide the Services to you. Unless we tell you differently, our agents do not have any right to use any personal information we share with them beyond what is necessary to assist us.
Where there is agreement by Customers and Hackers that Vulnerability Reports are publicly disclosed, then certain information about the report associated with your profile may be published through our Services.
For Hackers who participate in certain Programs of particular Customers, to the extent described in the Program Policies, FindBUG may share contact information about those Hackers (name, company name (if applicable), and email address) to allow those Customers to contact those Hackers to allow them to interact directly.
For Hackers who choose to submit a Vulnerability Report directly to a Customer outside the FindBUG Platform, FindBUG may provide that Customer with a reference to your public profile information.
We may share aggregated information and non-identifying information with third parties for industry research and analysis, demographic profiling and other similar purposes.
We will cooperate with government and law enforcement officials or private parties to enforce and comply with the law. We may disclose Your Information to government or law enforcement officials or private parties as we, in our sole discretion, believe necessary or appropriate: (a) to comply with law, regulation or valid legal process (including orders and subpoenas); or (b) to protect our property, rights and safety and the property, rights and safety of a third party or the public in general. If we are going to release Your Information, our policy is to provide you with notice unless we are prohibited from doing so by law or court order.
YOUR INFORMATION STORAGE
With the exception of access logs, which are retained for two years and then purged from our systems, our Information will be retained for the duration of your account and may be retained for a period after this time as necessary and relevant to our legitimate operations, our General Terms and Conditions with you, and in compliance with applicable law obligations. This may include retention necessary to meet our tax reporting requirements or for licensing purposes, as well as time required to enforce our rights or identify, issue, or resolve legal proceedings.
You may choose to disable your FindBUG account at any time. This means your user profile will no longer be visible on our site and Services. However, for the purposes mentioned above, we may need to retain information within our internal systems. In addition, public reports and associated information that you’ve submitted will still be available on FindBUG.
FindBUG will use reasonable efforts to secure information submitted to us by our users. We use encryption (HTTPS/TLS) to protect data transmitted to and from our site. However, no data transmission over the internet is completely secure, so we cannot guarantee the absolute security of this data. You use the Services at your own risk, and are responsible for taking reasonable measures to secure your account (such as keeping your password secret).
We welcome children to submit reports to FindBUG. However, applicable laws may restrict our ability to collect personal information from children.
The definition of a child varies by jurisdiction. In Kosovo, this section applies to you if you are under 16. In most member states of the European Union, this applies to everyone under 16.
FindBUG is not directed to minors. If you are considered a child and want to submit a report to us, please ask your parent or guardian to submit it for you. Please note that any bounty payments that may apply are only issued to an adult. If we become aware that we have collected personal information from a child in conflict with applicable law, we will delete that information.
Your Information may be transferred to, and maintained on, computers located outside of your state, province, country or other governmental jurisdiction where the privacy laws may not be as protective as those in your jurisdiction. If you are located outside the Kosovo and choose to provide Your Information to us, we may transfer Your Information to the Kosovo and process it there. Where we transfer Your Information, we will take all reasonable steps to ensure that your privacy rights continue to be protected.
In the case of transfers of data out of Europe, we have committed to comply with the EU frameworks.
We respect the rights you may have to request the Information held by us and where relevant, to receive a copy of this information or to receive that information in a commonly used electronic format (or have it provided to another service provider where feasible). You may also have the right under applicable law to request the correction or erasure of Your Information, to seek to object to the further processing under certain circumstances of Your Information or to request that specific processing is restricted while we verify or investigate your concerns with this information.
As mentioned above you have the right to request to limit the use and disclosure of your personal data (i.e. object) to certain further processing which includes direct marketing or to request a list of any third parties in the past calendar year to which we may have disclosed your information for direct marketing purposes along with details of the categories of information shared with those third parties. You can submit a request by email or by writing to us at the “Contact” address below.
If you remain unhappy with a response you receive, you can also refer the matter to a relevant data protection supervisory authority.
Str. Zeki Shulemaja 1st Floor
10000 Prishtina, Republic of Kosovo.