Responsible disclosure

The safety of our systems is of paramount importance at Royal FloraHolland. We want to create the safest possible conditions for our growers and buyers. Still, the occasional mistake is always possible. We have a responsible disclosure procedure to deal with this. Have you discovered a mistake or a vulnerability? We would like to hear from you!

We use the Intigriti platform; it is only possible to share your findings with us here.

The terms and conditions we use and what is in and out of scope are shown here. Describe in detail what you have found, how we can reproduce it and, if possible, how we can solve it. You can use either Dutch or English. You should only use the Intigriti platform to file your report to ensure that the information remains confidential and reaches us in the correct way.

What can you expect from us?

  • If you comply with the conditions stated on Intigriti, Royal FloraHolland will not attach any legal consequences to the report.
  • We welcome your contribution and we will handle it with all due respect. We will use your (personal) data solely to communicate with you about the report. We will not share it with others without your permission, unless legally obliged to do so. You can also share your report under an alias.
  • We will keep you posted on the status of your report.
  • If you discover a significant and valid issue, you could be invited to join our private Bug Bounty programme!