{"id":456,"date":"2024-05-03T14:42:46","date_gmt":"2024-05-03T14:42:46","guid":{"rendered":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/"},"modified":"2024-07-24T11:07:37","modified_gmt":"2024-07-24T11:07:37","slug":"disclosure-policy","status":"publish","type":"page","link":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/","title":{"rendered":"Responsible disclosure policy"},"content":{"rendered":"\n<p class=\"wp-block-paragraph\">LEGAL<\/p>\n\n\n\n<h1 class=\"wp-block-heading has-max-huge-font-size\" id=\"h-responsible-disclosure-policy\">Responsible disclosure policy<\/h1>\n\n\n\n<p class=\"wp-block-paragraph\">Simply Business is a trading name of Xbridge Limited which is authorised and regulated by the Financial Conduct Authority (Financial Services Registration No: 313348). In this Vulnerability Disclosure Policy (the \u201cPolicy\u201d), references to &#8220;Simply Business&#8221; are to Xbridge Limited. The security and privacy of our customers&#8217; confidential information are important to Simply Business (\u201cwe\u201d, \u201cus\u201d or \u201cour\u201d). We take protecting this information seriously and use technical, administrative, and physical controls to safeguard data. How can you help us to enhance the security of our digital experience? We want to hear from security researchers (\u201cyou\u201d, \u201cyours\u201d or \u201cyour\u201d) who have information related to suspected security vulnerabilities of any Simply Business services exposed to the internet (the \u201cVulnerability\u201d or \u201cVulnerabilities\u201d). We value your work and are committed to working with you. Please report Vulnerabilities to us in accordance with this Policy. Thank you in advance for your contribution.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-reporting-a-vulnerability\">Reporting a vulnerability<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Please email your Vulnerability to\u00a0<a href=\"mailto:bugreports@simplybusiness.co.uk\">bugreports@simplybusiness.co.uk<\/a>. Please use our\u00a0<a href=\"https:\/\/www.simplybusiness.co.uk\/downloads\/sbbugreports.key\">PGP key<\/a>\u00a0for secure reporting. The report should include sufficient information to allow us to validate and reproduce the issue, including:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">The service affected, such as the URL, IP address, or product version<\/li>\n\n\n\n<li class=\"wp-block-list-item\">A detailed description of the Vulnerability<\/li>\n\n\n\n<li class=\"wp-block-list-item\">A description of how the Vulnerability was discovered (including tools that were used) or what steps you were taking when you encountered the Vulnerability<\/li>\n\n\n\n<li class=\"wp-block-list-item\">A description of the impact of the Vulnerability and the likely attack scenario<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Proof of concept (\u201cPoC\u201d) code, if applicable. Alternatively, please supply reproduction instruction demonstrating how the Vulnerability might be exploited<\/li>\n\n\n\n<li class=\"wp-block-list-item\">OPTIONAL: Ideally, a suggested patch or remediation action if you are aware of how to fix the Vulnerability, if available<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-by-submitting-your-report-to-simply-business\">By submitting Your report to Simply Business:<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">You agree not to publicly disclose the Vulnerability until Simply Business agrees to a public disclosure<\/li>\n\n\n\n<li class=\"wp-block-list-item\">You agree to keep all communication with Simply Business confidential<\/li>\n\n\n\n<li class=\"wp-block-list-item\">You represent the report is original to you and that you did not copy the report or any part of it from another third party<\/li>\n\n\n\n<li class=\"wp-block-list-item\">You allow Simply Business and its group companies the unconditional ability to use, distribute, and\/or disclose information provided in your report.<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-our-expectations-with-your-discovery\">Our expectations with your discovery:<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">If you are considering submitting a Vulnerability report, your values clearly align with ours here at Simply Business. You know how critical security is and you want to protect customer information. Understanding this shared perspective, we do not want you to take on or create unnecessary risk in order to discover a Vulnerability. While we support acts taken in good faith to discover and report vulnerabilities, we expressly prohibit any of the following conduct:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">Spamming forms or scanning applications through automated vulnerability scanners<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Publicly disclosing a Vulnerability without giving us a reasonable amount of time to respond to the issue<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Accessing or modifying our data or our users\u2019 data, without explicit permission of the relevant owner. Only interact with your own accounts or test accounts for security research purposes<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Denial of Service (DoS) and Distributed Denial of Service (DDoS) attacks<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Attacks on third party services<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">We ask that you do the following in conducting your research:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">Contact us immediately if you do inadvertently encounter user data. Do not view, alter, save, store, transfer, or otherwise access the data, and immediately purge any local information upon reporting the vulnerability to Simply Business<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Act in good faith to avoid privacy violations, destruction of data, and interruption or degradation of our services (including denial of service)<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Comply with all applicable laws<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">Please be aware that we do not currently offer bounties for disclosures and do not negotiate in response to duress or threats (for example, we will not negotiate a payout amount under threat of withholding the Vulnerability or threat of releasing the Vulnerability or any exposed data to the public). If you find something, please report it immediately to us without conditions.<\/p>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-our-promise-to-researchers\">Our promise to researchers:<\/h2>\n\n\n\n<p class=\"wp-block-paragraph\">Simply Business values and welcomes external security research, and, as part of an open and transparent relationship with the security community, have taken steps to protect researchers. In doing so we acknowledge the following:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">We will not pursue legal action or initiate a complaint to law enforcement agencies for activities carried out in accordance with this Policy and\/or for what we consider to be accidental, good faith violations of this Policy. We consider activities conducted consistently with this Policy and in good faith to constitute \u201cauthorised\u201d conduct under the Computer Misuse Act 1990<\/li>\n\n\n\n<li class=\"wp-block-list-item\">You should contact us at&nbsp;<a href=\"mailto:bugreports@simplybusiness.co.uk\">bugreports@simplybusiness.co.uk<\/a>&nbsp;to request specific approval, setting out your reasons for your request, if you believe your proposed activities are likely to be inconsistent with the terms of this Policy. You should not start your proposed activities until you have our approval<\/li>\n\n\n\n<li class=\"wp-block-list-item\">If legal action is initiated by a third party against you and you have complied with this Policy, we will take reasonable steps to make it known that your actions were conducted in compliance with this Policy<\/li>\n\n\n\n<li class=\"wp-block-list-item\">We believe in giving credit where credit is due, and will not attempt to silence researchers who report vulnerabilities to us. We encourage full public disclosure, but ask that we are provided with advance notification and a reasonable amount of time to fix the issues prior to disclosure<\/li>\n\n\n\n<li class=\"wp-block-list-item\">We will act in good faith to fix issues reported in a timely manner<\/li>\n<\/ul>\n\n\n\n<p class=\"wp-block-paragraph\">The following issues are outside the scope of this Policy:<\/p>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">Our policies relating to the presence or absence of SPF\/DMARC records<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Our policies relating to passwords, emails and user accounts, such as email identification verification, reset link expiration and password complexity<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Lack of CSRF tokens (unless there is evidence of actual, sensitive user action that is not protected by a token)<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Login\/logout CSRF<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Attacks requiring physical access to a user&#8217;s device<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Missing security headers which do not lead directly to a Vulnerability<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Missing best practices (we require evidence of a Vulnerability)<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Self-XSS (we require evidence on how the XSS can be used to attack another Simply Business user)<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Host header injections (unless you can show how they can lead to stealing user data)<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Use of a known-vulnerable library (without evidence of exploitability)<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Reports from automated tools or scans<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Reports of spam (including any report involving ability to send emails without rate limits)<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Attacks that require an attacker application to have the permission to overlay on top of our application (for example, tapjacking, clickjacking)<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Vulnerabilities affecting users of outdated browsers or platforms<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Social engineering by Simply Business employees or contractors<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Any physical attempts against Simply Business property or data centres<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Presence of autocomplete attribute on web forms<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Missing cookie flags on non-sensitive cookies<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Reports of insecure SSL\/TLS ciphers (unless you have a working proof of concept, and not just a report from a scanner)<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Any report that discusses how you can learn whether a given username, email address has a Simply Business account<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Any access to data where the targeted user needs to be operating a rooted mobile device<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Content spoofing vulnerabilities (where you can only inject text or an image into a page) spoofing vulnerability where attackers can inject image or rich text (HTML), including pure text injection<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Ability to share links without verifying email<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Absence of rate limiting, unless related to authentication<\/li>\n\n\n\n<li class=\"wp-block-list-item\">IP\/Port Scanning via Simply Business services, unless you are able to hit private IPs or Simply Business servers<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Devices (ios, android, desktop apps) not unlinking on password change<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Hyperlink injection or any link injection in emails which we send<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Creating multiple accounts using the same email<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Phishing risk via unicode\/punycode or RTLO issues<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Editable Github wikis<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Denial of service<\/li>\n<\/ul>\n\n\n\n<h2 class=\"wp-block-heading\" id=\"h-the-following-applications-are-within-the-scope-of-this-policy\">The following applications are within the scope of this Policy:<\/h2>\n\n\n\n<ul class=\"wp-block-list\">\n<li class=\"wp-block-list-item\">simplybusiness.com<\/li>\n\n\n\n<li class=\"wp-block-list-item\">simplybusiness.co.uk<\/li>\n\n\n\n<li class=\"wp-block-list-item\">Simply Business mobile applications (Android and iOS)<\/li>\n<\/ul>\n\n\n\n<div id=\"newsletter-subscribe\" class=\"wp-block-group newsletter-subscribe is-layout-flow wp-block-group-is-layout-flow wp-block-block\" style=\"border-top-color:#cccccc;border-top-width:1px;padding-top:var(--wp--preset--spacing--80);padding-right:0;padding-bottom:var(--wp--preset--spacing--80);padding-left:0\">\n<p class=\"has-text-align-center has-dark-800-color has-text-color has-link-color has-medium-font-size wp-elements-ced002c3d2e03fde51d8880b5da0f3bb wp-block-paragraph\" style=\"margin-bottom:var(--wp--preset--spacing--50)\">A free monthly newsletter with the latest news and tools for small businesses and landlords.<\/p>\n\n\n\n<div class=\"wp-block-buttons is-content-justification-center is-layout-flex wp-container-core-buttons-is-layout-222c5d1d wp-block-buttons-is-layout-flex\" style=\"margin-bottom:var(--wp--preset--spacing--50)\">\n<div class=\"wp-block-button is-style-outline has-size-medium is-style-outline--1\"><a class=\"wp-block-button__link wp-element-button\" href=\"https:\/\/www.simplybusiness.co.uk\/about-us\/newsletter-signup\/\">Subscribe to our newsletter<\/a><\/div>\n<\/div>\n\n\n\n<ul class=\"wp-block-social-links has-small-icon-size is-style-logos-only is-content-justification-center is-layout-flex wp-container-core-social-links-is-layout-a89b3969 wp-block-social-links-is-layout-flex\"><li class=\"wp-social-link wp-social-link-facebook  wp-block-social-link\"><a rel=\"noopener nofollow\" target=\"_blank\" href=\"https:\/\/www.facebook.com\/simplybusiness\" class=\"wp-block-social-link-anchor\" rel=\"noopener noreferrer\" target=\"_blank\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M12 2C6.5 2 2 6.5 2 12c0 5 3.7 9.1 8.4 9.9v-7H7.9V12h2.5V9.8c0-2.5 1.5-3.9 3.8-3.9 1.1 0 2.2.2 2.2.2v2.5h-1.3c-1.2 0-1.6.8-1.6 1.6V12h2.8l-.4 2.9h-2.3v7C18.3 21.1 22 17 22 12c0-5.5-4.5-10-10-10z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Follow Simply Business on Facebook<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-x  wp-block-social-link\"><a rel=\"noopener nofollow\" target=\"_blank\" href=\"https:\/\/www.x.com\/simplybusiness\" class=\"wp-block-social-link-anchor\" rel=\"noopener noreferrer\" target=\"_blank\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M13.982 10.622 20.54 3h-1.554l-5.693 6.618L8.745 3H3.5l6.876 10.007L3.5 21h1.554l6.012-6.989L15.868 21h5.245l-7.131-10.378Zm-2.128 2.474-.697-.997-5.543-7.93H8l4.474 6.4.697.996 5.815 8.318h-2.387l-4.745-6.787Z\" \/><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Follow Simply Business on X<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-youtube  wp-block-social-link\"><a rel=\"noopener nofollow\" target=\"_blank\" href=\"https:\/\/www.youtube.com\/user\/simplybusiness\" class=\"wp-block-social-link-anchor\" rel=\"noopener noreferrer\" target=\"_blank\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M21.8,8.001c0,0-0.195-1.378-0.795-1.985c-0.76-0.797-1.613-0.801-2.004-0.847c-2.799-0.202-6.997-0.202-6.997-0.202 h-0.009c0,0-4.198,0-6.997,0.202C4.608,5.216,3.756,5.22,2.995,6.016C2.395,6.623,2.2,8.001,2.2,8.001S2,9.62,2,11.238v1.517 c0,1.618,0.2,3.237,0.2,3.237s0.195,1.378,0.795,1.985c0.761,0.797,1.76,0.771,2.205,0.855c1.6,0.153,6.8,0.201,6.8,0.201 s4.203-0.006,7.001-0.209c0.391-0.047,1.243-0.051,2.004-0.847c0.6-0.607,0.795-1.985,0.795-1.985s0.2-1.618,0.2-3.237v-1.517 C22,9.62,21.8,8.001,21.8,8.001z M9.935,14.594l-0.001-5.62l5.404,2.82L9.935,14.594z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Subscribe to Simply Business Videos on Youtube<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-linkedin  wp-block-social-link\"><a rel=\"noopener nofollow\" target=\"_blank\" href=\"https:\/\/www.linkedin.com\/company\/simply-business_39914\" class=\"wp-block-social-link-anchor\" rel=\"noopener noreferrer\" target=\"_blank\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M19.7,3H4.3C3.582,3,3,3.582,3,4.3v15.4C3,20.418,3.582,21,4.3,21h15.4c0.718,0,1.3-0.582,1.3-1.3V4.3 C21,3.582,20.418,3,19.7,3z M8.339,18.338H5.667v-8.59h2.672V18.338z M7.004,8.574c-0.857,0-1.549-0.694-1.549-1.548 c0-0.855,0.691-1.548,1.549-1.548c0.854,0,1.547,0.694,1.547,1.548C8.551,7.881,7.858,8.574,7.004,8.574z M18.339,18.338h-2.669 v-4.177c0-0.996-0.017-2.278-1.387-2.278c-1.389,0-1.601,1.086-1.601,2.206v4.249h-2.667v-8.59h2.559v1.174h0.037 c0.356-0.675,1.227-1.387,2.526-1.387c2.703,0,3.203,1.779,3.203,4.092V18.338z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Follow Simply Business on LinkedIn<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-instagram  wp-block-social-link\"><a rel=\"noopener nofollow\" target=\"_blank\" href=\"https:\/\/www.instagram.com\/simplybusiness\" class=\"wp-block-social-link-anchor\" rel=\"noopener noreferrer\" target=\"_blank\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 24 24\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M12,4.622c2.403,0,2.688,0.009,3.637,0.052c0.877,0.04,1.354,0.187,1.671,0.31c0.42,0.163,0.72,0.358,1.035,0.673 c0.315,0.315,0.51,0.615,0.673,1.035c0.123,0.317,0.27,0.794,0.31,1.671c0.043,0.949,0.052,1.234,0.052,3.637 s-0.009,2.688-0.052,3.637c-0.04,0.877-0.187,1.354-0.31,1.671c-0.163,0.42-0.358,0.72-0.673,1.035 c-0.315,0.315-0.615,0.51-1.035,0.673c-0.317,0.123-0.794,0.27-1.671,0.31c-0.949,0.043-1.233,0.052-3.637,0.052 s-2.688-0.009-3.637-0.052c-0.877-0.04-1.354-0.187-1.671-0.31c-0.42-0.163-0.72-0.358-1.035-0.673 c-0.315-0.315-0.51-0.615-0.673-1.035c-0.123-0.317-0.27-0.794-0.31-1.671C4.631,14.688,4.622,14.403,4.622,12 s0.009-2.688,0.052-3.637c0.04-0.877,0.187-1.354,0.31-1.671c0.163-0.42,0.358-0.72,0.673-1.035 c0.315-0.315,0.615-0.51,1.035-0.673c0.317-0.123,0.794-0.27,1.671-0.31C9.312,4.631,9.597,4.622,12,4.622 M12,3 C9.556,3,9.249,3.01,8.289,3.054C7.331,3.098,6.677,3.25,6.105,3.472C5.513,3.702,5.011,4.01,4.511,4.511 c-0.5,0.5-0.808,1.002-1.038,1.594C3.25,6.677,3.098,7.331,3.054,8.289C3.01,9.249,3,9.556,3,12c0,2.444,0.01,2.751,0.054,3.711 c0.044,0.958,0.196,1.612,0.418,2.185c0.23,0.592,0.538,1.094,1.038,1.594c0.5,0.5,1.002,0.808,1.594,1.038 c0.572,0.222,1.227,0.375,2.185,0.418C9.249,20.99,9.556,21,12,21s2.751-0.01,3.711-0.054c0.958-0.044,1.612-0.196,2.185-0.418 c0.592-0.23,1.094-0.538,1.594-1.038c0.5-0.5,0.808-1.002,1.038-1.594c0.222-0.572,0.375-1.227,0.418-2.185 C20.99,14.751,21,14.444,21,12s-0.01-2.751-0.054-3.711c-0.044-0.958-0.196-1.612-0.418-2.185c-0.23-0.592-0.538-1.094-1.038-1.594 c-0.5-0.5-1.002-0.808-1.594-1.038c-0.572-0.222-1.227-0.375-2.185-0.418C14.751,3.01,14.444,3,12,3L12,3z M12,7.378 c-2.552,0-4.622,2.069-4.622,4.622S9.448,16.622,12,16.622s4.622-2.069,4.622-4.622S14.552,7.378,12,7.378z M12,15 c-1.657,0-3-1.343-3-3s1.343-3,3-3s3,1.343,3,3S13.657,15,12,15z M16.804,6.116c-0.596,0-1.08,0.484-1.08,1.08 s0.484,1.08,1.08,1.08c0.596,0,1.08-0.484,1.08-1.08S17.401,6.116,16.804,6.116z\"><\/path><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Follow Simply Business on Instagram<\/span><\/a><\/li>\n\n<li class=\"wp-social-link wp-social-link-tiktok  wp-block-social-link\"><a rel=\"noopener nofollow\" target=\"_blank\" href=\"https:\/\/www.tiktok.com\/@simplybusiness\" class=\"wp-block-social-link-anchor\" rel=\"noopener noreferrer\" target=\"_blank\"><svg width=\"24\" height=\"24\" viewBox=\"0 0 32 32\" version=\"1.1\" xmlns=\"http:\/\/www.w3.org\/2000\/svg\" aria-hidden=\"true\" focusable=\"false\"><path d=\"M16.708 0.027c1.745-0.027 3.48-0.011 5.213-0.027 0.105 2.041 0.839 4.12 2.333 5.563 1.491 1.479 3.6 2.156 5.652 2.385v5.369c-1.923-0.063-3.855-0.463-5.6-1.291-0.76-0.344-1.468-0.787-2.161-1.24-0.009 3.896 0.016 7.787-0.025 11.667-0.104 1.864-0.719 3.719-1.803 5.255-1.744 2.557-4.771 4.224-7.88 4.276-1.907 0.109-3.812-0.411-5.437-1.369-2.693-1.588-4.588-4.495-4.864-7.615-0.032-0.667-0.043-1.333-0.016-1.984 0.24-2.537 1.495-4.964 3.443-6.615 2.208-1.923 5.301-2.839 8.197-2.297 0.027 1.975-0.052 3.948-0.052 5.923-1.323-0.428-2.869-0.308-4.025 0.495-0.844 0.547-1.485 1.385-1.819 2.333-0.276 0.676-0.197 1.427-0.181 2.145 0.317 2.188 2.421 4.027 4.667 3.828 1.489-0.016 2.916-0.88 3.692-2.145 0.251-0.443 0.532-0.896 0.547-1.417 0.131-2.385 0.079-4.76 0.095-7.145 0.011-5.375-0.016-10.735 0.025-16.093z\" \/><\/svg><span class=\"wp-block-social-link-label screen-reader-text\">Follow Simply Business on TikTok<\/span><\/a><\/li><\/ul>\n<\/div>\n","protected":false},"excerpt":{"rendered":"<p>LEGAL Responsible disclosure policy Simply Business is a trading name of Xbridge Limited which is authorised and regulated by the Financial Conduct Authority (Financial Services Registration No: 313348). In this Vulnerability Disclosure Policy (the \u201cPolicy\u201d), references to &#8220;Simply Business&#8221; are to Xbridge Limited. The security and privacy of our customers&#8217; confidential information are important to [&hellip;]<\/p>\n","protected":false},"author":14,"featured_media":0,"parent":0,"menu_order":0,"comment_status":"closed","ping_status":"closed","template":"","meta":{"sb_hreflang":"","sb_hreflang_url":"","disable_breadcrumbs":false,"sb_breadcrumbs":[],"sb_faq_schema":"","sb_phone":"","sb_header_url_text":"","sb_secondary_logo":0,"sb_secondary_logo_url":"","sb_show_primary_cta":true,"sb_primary_cta_text":"","sb_primary_cta_url":"","sb_show_secondary_cta":true,"sb_secondary_cta_text":"","sb_secondary_cta_url":"","sb_show_contact_cta":true,"sb_contact_cta_id":"","sb_primary_cta_id":"","sb_secondary_cta_id":"","sb_no_sticky_header":false,"sb_show_last_updated_date":"","sb_enable_replacement_text":false,"sb_replacement_h1":"","_sb_hreflang_stale":false,"footnotes":""},"hidden-category":[],"import-page-type":[],"coauthors":[],"class_list":["post-456","page","type-page","status-publish","hentry"],"yoast_head":"<!-- This site is optimized with the Yoast SEO Premium plugin v27.2 (Yoast SEO v27.2) - https:\/\/yoast.com\/product\/yoast-seo-premium-wordpress\/ -->\n<title>Responsible disclosure policy - Simply Business UK<\/title>\n<meta name=\"description\" content=\"Responsible disclosure policy.\" \/>\n<meta name=\"robots\" content=\"index, follow, max-snippet:-1, max-image-preview:large, max-video-preview:-1\" \/>\n<link rel=\"canonical\" href=\"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/\" \/>\n<meta property=\"og:locale\" content=\"en_GB\" \/>\n<meta property=\"og:type\" content=\"article\" \/>\n<meta property=\"og:title\" content=\"Responsible disclosure policy\" \/>\n<meta property=\"og:description\" content=\"Responsible disclosure policy.\" \/>\n<meta property=\"og:url\" content=\"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/\" \/>\n<meta property=\"og:site_name\" content=\"Simply Business UK\" \/>\n<meta property=\"article:publisher\" content=\"https:\/\/www.facebook.com\/simplybusiness\" \/>\n<meta property=\"article:modified_time\" content=\"2024-07-24T11:07:37+00:00\" \/>\n<meta property=\"og:image\" content=\"https:\/\/www.simplybusiness.co.uk\/wp-content\/uploads\/sites\/3\/2024\/06\/sb-opengraph.png\" \/>\n<meta name=\"twitter:card\" content=\"summary_large_image\" \/>\n<meta name=\"twitter:site\" content=\"@simplybusiness\" \/>\n<meta name=\"twitter:label1\" content=\"Est. reading time\" \/>\n\t<meta name=\"twitter:data1\" content=\"7 minutes\" \/>\n<script type=\"application\/ld+json\" class=\"yoast-schema-graph\">{\"@context\":\"https:\/\/schema.org\",\"@graph\":[{\"@type\":\"WebPage\",\"@id\":\"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/\",\"url\":\"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/\",\"name\":\"Responsible disclosure policy - Simply Business UK\",\"isPartOf\":{\"@id\":\"https:\/\/www.simplybusiness.co.uk\/#website\"},\"datePublished\":\"2024-05-03T14:42:46+00:00\",\"dateModified\":\"2024-07-24T11:07:37+00:00\",\"description\":\"Responsible disclosure policy.\",\"breadcrumb\":{\"@id\":\"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/#breadcrumb\"},\"inLanguage\":\"en-GB\",\"potentialAction\":[{\"@type\":\"ReadAction\",\"target\":[\"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/\"]}]},{\"@type\":\"BreadcrumbList\",\"@id\":\"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/#breadcrumb\",\"itemListElement\":[{\"@type\":\"ListItem\",\"position\":1,\"name\":\"Home\",\"item\":\"https:\/\/www.simplybusiness.co.uk\/\"},{\"@type\":\"ListItem\",\"position\":2,\"name\":\"Responsible disclosure policy\"}]},{\"@type\":\"WebSite\",\"@id\":\"https:\/\/www.simplybusiness.co.uk\/#website\",\"url\":\"https:\/\/www.simplybusiness.co.uk\/\",\"name\":\"Simply Business UK\",\"description\":\"\",\"publisher\":{\"@id\":\"https:\/\/www.simplybusiness.co.uk\/#organization\"},\"potentialAction\":[{\"@type\":\"SearchAction\",\"target\":{\"@type\":\"EntryPoint\",\"urlTemplate\":\"https:\/\/www.simplybusiness.co.uk\/?s={search_term_string}\"},\"query-input\":{\"@type\":\"PropertyValueSpecification\",\"valueRequired\":true,\"valueName\":\"search_term_string\"}}],\"inLanguage\":\"en-GB\"},{\"@type\":\"PostalAddress\",\"@id\":\"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/#local-main-place-address\",\"streetAddress\":\"Hylo, 105 Bunhill Row\",\"addressLocality\":\"London\",\"postalCode\":\"EC1Y 8LZ\",\"addressCountry\":\"GB\"},{\"@type\":\"ImageObject\",\"inLanguage\":\"en-GB\",\"@id\":\"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/#local-main-organization-logo\",\"url\":\"https:\/\/www.simplybusiness.co.uk\/wp-content\/uploads\/sites\/3\/2024\/05\/logo.png\",\"contentUrl\":\"https:\/\/www.simplybusiness.co.uk\/wp-content\/uploads\/sites\/3\/2024\/05\/logo.png\",\"width\":533,\"height\":187,\"caption\":\"Simply Business UK\"}]}<\/script>\n<meta name=\"geo.placename\" content=\"London\" \/>\n<meta name=\"geo.region\" content=\"United Kingdom (UK)\" \/>\n<!-- \/ Yoast SEO Premium plugin. -->","yoast_head_json":{"title":"Responsible disclosure policy - Simply Business UK","description":"Responsible disclosure policy.","robots":{"index":"index","follow":"follow","max-snippet":"max-snippet:-1","max-image-preview":"max-image-preview:large","max-video-preview":"max-video-preview:-1"},"canonical":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/","og_locale":"en_GB","og_type":"article","og_title":"Responsible disclosure policy","og_description":"Responsible disclosure policy.","og_url":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/","og_site_name":"Simply Business UK","article_publisher":"https:\/\/www.facebook.com\/simplybusiness","article_modified_time":"2024-07-24T11:07:37+00:00","og_image":[{"url":"https:\/\/www.simplybusiness.co.uk\/wp-content\/uploads\/sites\/3\/2024\/06\/sb-opengraph.png","type":"","width":"","height":""}],"twitter_card":"summary_large_image","twitter_site":"@simplybusiness","twitter_misc":{"Est. reading time":"7 minutes"},"schema":{"@context":"https:\/\/schema.org","@graph":[{"@type":"WebPage","@id":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/","url":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/","name":"Responsible disclosure policy - Simply Business UK","isPartOf":{"@id":"https:\/\/www.simplybusiness.co.uk\/#website"},"datePublished":"2024-05-03T14:42:46+00:00","dateModified":"2024-07-24T11:07:37+00:00","description":"Responsible disclosure policy.","breadcrumb":{"@id":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/#breadcrumb"},"inLanguage":"en-GB","potentialAction":[{"@type":"ReadAction","target":["https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/"]}]},{"@type":"BreadcrumbList","@id":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/#breadcrumb","itemListElement":[{"@type":"ListItem","position":1,"name":"Home","item":"https:\/\/www.simplybusiness.co.uk\/"},{"@type":"ListItem","position":2,"name":"Responsible disclosure policy"}]},{"@type":"WebSite","@id":"https:\/\/www.simplybusiness.co.uk\/#website","url":"https:\/\/www.simplybusiness.co.uk\/","name":"Simply Business UK","description":"","publisher":{"@id":"https:\/\/www.simplybusiness.co.uk\/#organization"},"potentialAction":[{"@type":"SearchAction","target":{"@type":"EntryPoint","urlTemplate":"https:\/\/www.simplybusiness.co.uk\/?s={search_term_string}"},"query-input":{"@type":"PropertyValueSpecification","valueRequired":true,"valueName":"search_term_string"}}],"inLanguage":"en-GB"},{"@type":"PostalAddress","@id":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/#local-main-place-address","streetAddress":"Hylo, 105 Bunhill Row","addressLocality":"London","postalCode":"EC1Y 8LZ","addressCountry":"GB"},{"@type":"ImageObject","inLanguage":"en-GB","@id":"https:\/\/www.simplybusiness.co.uk\/disclosure-policy\/#local-main-organization-logo","url":"https:\/\/www.simplybusiness.co.uk\/wp-content\/uploads\/sites\/3\/2024\/05\/logo.png","contentUrl":"https:\/\/www.simplybusiness.co.uk\/wp-content\/uploads\/sites\/3\/2024\/05\/logo.png","width":533,"height":187,"caption":"Simply Business UK"}]},"geo.placename":"London","geo.region":"United Kingdom (UK)"},"parsely":{"version":"1.1.0","canonical_url":"https:\/\/simplybusiness.co.uk\/disclosure-policy\/","smart_links":{"inbound":0,"outbound":0},"traffic_boost_suggestions_count":0,"meta":{"@context":"https:\/\/schema.org","@type":"WebPage","headline":"Responsible disclosure policy","url":"http:\/\/www.simplybusiness.co.uk\/disclosure-policy\/","mainEntityOfPage":{"@type":"WebPage","@id":"http:\/\/www.simplybusiness.co.uk\/disclosure-policy\/"},"thumbnailUrl":"","image":{"@type":"ImageObject","url":""},"articleSection":"General business","author":[{"@type":"Person","name":"rishvashah"}],"creator":["rishvashah"],"publisher":{"@type":"Organization","name":"Simply Business UK","logo":"https:\/\/www.simplybusiness.co.uk\/wp-content\/uploads\/sites\/3\/2024\/04\/icon-512x512-1.png"},"keywords":[],"dateCreated":"2024-05-03T14:42:46Z","datePublished":"2024-05-03T14:42:46Z","dateModified":"2024-07-24T11:07:37Z"},"rendered":"<script type=\"application\/ld+json\" class=\"wp-parsely-metadata\">{\"@context\":\"https:\\\/\\\/schema.org\",\"@type\":\"WebPage\",\"headline\":\"Responsible disclosure policy\",\"url\":\"http:\\\/\\\/www.simplybusiness.co.uk\\\/disclosure-policy\\\/\",\"mainEntityOfPage\":{\"@type\":\"WebPage\",\"@id\":\"http:\\\/\\\/www.simplybusiness.co.uk\\\/disclosure-policy\\\/\"},\"thumbnailUrl\":\"\",\"image\":{\"@type\":\"ImageObject\",\"url\":\"\"},\"articleSection\":\"General business\",\"author\":[{\"@type\":\"Person\",\"name\":\"rishvashah\"}],\"creator\":[\"rishvashah\"],\"publisher\":{\"@type\":\"Organization\",\"name\":\"Simply Business UK\",\"logo\":\"https:\\\/\\\/www.simplybusiness.co.uk\\\/wp-content\\\/uploads\\\/sites\\\/3\\\/2024\\\/04\\\/icon-512x512-1.png\"},\"keywords\":[],\"dateCreated\":\"2024-05-03T14:42:46Z\",\"datePublished\":\"2024-05-03T14:42:46Z\",\"dateModified\":\"2024-07-24T11:07:37Z\"}<\/script>","tracker_url":"https:\/\/cdn.parsely.com\/keys\/simplybusiness.co.uk\/p.js"},"_links":{"self":[{"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/pages\/456","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/pages"}],"about":[{"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/types\/page"}],"author":[{"embeddable":true,"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/users\/14"}],"replies":[{"embeddable":true,"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/comments?post=456"}],"version-history":[{"count":14,"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/pages\/456\/revisions"}],"predecessor-version":[{"id":23109,"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/pages\/456\/revisions\/23109"}],"wp:attachment":[{"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/media?parent=456"}],"wp:term":[{"taxonomy":"hidden-category","embeddable":true,"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/hidden-category?post=456"},{"taxonomy":"import-page-type","embeddable":true,"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/import-page-type?post=456"},{"taxonomy":"author","embeddable":true,"href":"https:\/\/www.simplybusiness.co.uk\/wp-json\/wp\/v2\/coauthors?post=456"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}