Responsible Disclosure Policy

Help us keep Koppa and all related platforms secure.

At Koppa, we take the security of our platforms seriously โ€” not only for gokoppa.com, but also for all whitelabel services we operate, including but not limited to:

  • bedrijfspoule.nl
  • bedrijfspronostiek.be
  • bureaudepronostics.fr
  • burodelasporras.es
  • burotippspiel.de
  • futbolonline.com.ar
  • futbolonline.com.mx
  • getfantasysoccer.com
  • officefantasy.co.uk
  • toernooivoetbal.be
  • toernooivoetbal.com
  • torneidicalcio.com
  • torneodefutbol.cl
  • torneodefutbol.com.ar
  • torneodefutbol.com.mx
  • torneodefutbol.es
  • tournamentfootball.co.uk
  • tournamentsoccer.us
  • tournoidefootball.fr
  • turnierfussball.de
  • ufficiodifantacalcio.it

(and others under our management)

If you discover a vulnerability or potential security issue, weโ€™d like to hear from you โ€” so we can investigate and address it as quickly as possible.

๐Ÿ“ฌ Contact

You can report security issues directly to:

๐ŸŽฏ Scope

This policy applies to all public-facing services and domains operated by Gokoppa, including our whitelabel platforms listed above. Issues outside this scope may not be prioritized unless they pose a significant risk.

โœ… We Appreciate

  • Clear, concise vulnerability reports.
  • Reports that respect our usersโ€™ privacy and do not access unnecessary data.
  • Use of test accounts where possible.
  • Time to fix the issue before public disclosure (a reasonable timeframe, typically 30 days).

๐Ÿšซ Please Avoid

  • DDoS attacks or brute force attempts.
  • Social engineering against employees or partners.
  • Spamming, phishing, or compromising systems you do not own.
  • Physical security testing of Gokoppa facilities or offices.

โš–๏ธ Safe Harbor

We will not pursue legal action against researchers who:

  • Act in good faith.
  • Follow the rules in this policy.
  • Report vulnerabilities privately and responsibly.

๐ŸŽ‰ Recognition

We maintain a Hall of Fame page for researchers who help keep our platforms secure:
๐Ÿ‘‰ https://www.gokoppa.com/security/hall-of-fame

If youโ€™d like recognition, please let us know โ€” weโ€™re happy to credit your contributions publicly (or keep them anonymous if preferred).

๐Ÿ” Data & Privacy

All vulnerability data will be handled confidentially in accordance with our Privacy Policy. You can read more about how we process user data and security-related information there.