Data security is a top priority at Sernova. We believe that collaboration with skilled security researchers is crucial to identifying weaknesses in any technology. If you believe you have found a security vulnerability in Sernova’s service, please notify us immediately. We will work with you to resolve the issue promptly.
Disclosure Policy
To disclose a potential vulnerability, please email SOC@sernovafinancial.com. We will acknowledge your email within one business day.
Please allow us reasonable time to resolve the issue before disclosing it publicly or to a third party. We aim to resolve critical issues within ten business days of disclosure.
While researching, please refrain from:
- Denial-of-service (DoS) attacks
- Spamming
- Social engineering or phishing of Sernova employees or contractors
- Any attacks against Sernova’s physical property or data centres
Please make a good faith effort to avoid:
- Violating privacy
- Destroying data
- Interrupting or degrading the Sernova service
Please only interact with accounts you own or for which you have explicit permission from the account holder.
Exclusions
This policy is intended to help ensure a safe and secure environment for all Sernova users. Any user believed to be engaging in the activities listed above will have their user credentials immediately deactivated.
Scope
This policy applies to Sernova applications hosted at sernovafinancial.com and any associated subdomains or services.
Contact
Sernova welcomes feedback, questions, and suggestions. Email us at SOC@sernovafinancial.com.