Reporting bugs and vulnerabilities

We love technology, but we also understand that things may not always work as expected, and new weaknesses and vulnerabilities surface all the time. Please make us aware of anything that is not as expected by sending an email to us.

It may be helpful to provide as many details as possible, including the following:

• Where to find the issue – specific form or location, URL or other technical information
• How to reproduce – a few steps that describe what to do to trigger the issue, so our team can replicate
• In some cases it may help to include a screenshot of the issue

Please note, our organisation does not operate a bug bounty scheme, which means that no rewards will be paid for reporting vulnerabilities, but we will endeavour to take the necessary steps as soon as practicable.

When investigating and reporting issues, it is your responsibility to make sure of the following:

• Local or international laws are not broken
• Content in our systems is not changed or altered and their functioning is not disrupted
• Large volumes of unnecessary traffic is not generated
• Details of findings relating to our systems are not shared with others without express permissions