Responsible disclosure

At Showpad, privacy and security are our top priorities. We work to keep our service and related assets safe and secure. However, if you identify a vulnerability, we’d love to hear from you right away..



  • Contact us at (either in English or Dutch). We may then direct you to our bug bounty program where you can submit your report detailing what you found, how we can replicate your findings (including the URL, IP, screenshots, etc. ), and, if possible, how we can mitigate the vulnerability
  • Report in a manner that safeguards the confidentiality of the findings so that others do not gain access to the information


  • Take advantage of the vulnerability or problem you have discovered (examples: downloading more data than necessary to demonstrate the vulnerability or deleting or modifying other people’s data)
  • Perform a physical attack or use social engineering, distributed denial of service, spam, or third-party applications
    Repeatedly gain access to the system or share access with others
  • Make changes to the system
  • Perform actions that may lead to damages for Showpad or any of its users/customers or website visitors
  • Reveal any of this information without the consent of the Showpad Security Office
Our Promise

Our Promise

  • We will do our best to acknowledge receipt of your report within three business days
  • We will not undertake any legal action if you accept and apply all the rules above
  • We will treat your contribution with the necessary respect and will not reveal your personal data with any third parties without your consent unless we are legally required to do so. Findings can be shared using an alias
  • We will keep you updated on the progress of the fix

Interested in joining our Intigriti program?

If you are interested in joining our Intigriti program and collecting bounties for your findings, please contact the Showpad security team at