Effective Date: 02-02-2025

At BTB Consulting, we prioritize the security and privacy of our clients, partners, and website visitors. We are committed to maintaining a secure environment for our digital platforms, and we value the contributions of security researchers and ethical hackers in identifying and mitigating potential vulnerabilities.

This Responsible Disclosure Statement outlines how you can report security vulnerabilities and the steps we take to address such reports responsibly and in compliance with Canadian laws.

Scope

This statement applies to:

• BTB Consulting’s website and digital platforms.
• Any online services provided by BTB Consulting.
• It does not cover third-party websites, applications, or services linked to or integrated with our platforms.
  
  

Reporting a Security Vulnerability

If you identify a security vulnerability in any of BTB Consulting’s systems, we encourage you to report it promptly. Please follow these steps to ensure responsible disclosure:

Submit a Report:

Email us at info@btbconsult.ca with a detailed description of the vulnerability, including:

• The affected system or URL.
• Steps to reproduce the vulnerability.
• Any supporting evidence, such as screenshots or code snippets.
  
  

Avoid Public Disclosure:

To protect the security of our systems and users, do not disclose the vulnerability publicly or share it with others until we have had an opportunity to investigate and resolve the issue.

Act in Good Faith:

Please do not exploit the vulnerability, compromise data, or disrupt services while conducting your investigation or submitting your report.

Our Commitment

When you report a vulnerability in accordance with this Responsible Disclosure Statement, BTB Consulting commits to:

• Acknowledging receipt of your report within [Insert Timeframe].
• Investigating the reported vulnerability and working to resolve it promptly.
• Keeping you informed about the status of your report, where appropriate.
• Recognizing your efforts if you choose to be credited, subject to mutual agreement.
  
  

Guidelines for Responsible Reporting

To ensure responsible disclosure, we ask that you:

• Act within the bounds of the law and avoid unauthorized access to systems or data.
• Limit testing to vulnerabilities you have discovered yourself.
• Refrain from actions that could harm BTB Consulting, its clients, or users, such as:
• Exploiting the vulnerability for malicious purposes.
• Accessing, modifying, or deleting data without authorization.
• Engaging in denial-of-service (DoS) attacks.
• Legal Considerations
  
  

BTB Consulting is committed to working collaboratively with individuals who disclose vulnerabilities responsibly. However, unauthorized access to systems or data may violate Canadian laws, including the Criminal Code of Canada. We reserve the right to take appropriate legal action in cases of non-compliance with this Responsible Disclosure Statement.

No Compensation Policy

BTB Consulting does not offer monetary rewards for vulnerability reports. However, we may publicly acknowledge your contribution with your consent.

Contact Information

To report a security vulnerability or for questions about this statement, please contact us at: info@btbconsult.ca

Continuous Improvement

BTB Consulting is committed to improving the security of our platforms. We encourage ongoing collaboration with the security community to ensure the integrity and safety of our digital environment.

Thank you for helping us protect our systems, clients, and users. Together, we can build a safer and more secure digital experience.

This Responsible Disclosure Statement is subject to periodic review and updates.