At Koppa, we take the security of our platforms seriously β not only for gokoppa.com, but also for all whitelabel services we operate, including but not limited to:
- bedrijfspoule.nl
- getfantasysoccer.com
- officefantasy.co.uk
- bedrijfspronostiek.be
- futbolonline.com.ar
- burotippspiel.de
- bureaudepronostics.fr
- burodelasporras.es
- ufficiodifantacalcio.it
- futbolonline.com.mx
(and others under our management)
If you discover a vulnerability or potential security issue, weβd like to hear from you β so we can investigate and address it as quickly as possible.
π¬ Contact
You can report security issues directly to:
- Email: security@gokoppa.com
- PGP Key: https://www.gokoppa.com/security/pgp-key.txt (for encrypted reports)
- Preferred Languages: English, Dutch
π― Scope
This policy applies to all public-facing services and domains operated by Gokoppa, including our whitelabel platforms listed above. Issues outside this scope may not be prioritized unless they pose a significant risk.
β We Appreciate
- Clear, concise vulnerability reports.
- Reports that respect our usersβ privacy and do not access unnecessary data.
- Use of test accounts where possible.
- Time to fix the issue before public disclosure (a reasonable timeframe, typically 30 days).
π« Please Avoid
- DDoS attacks or brute force attempts.
- Social engineering against employees or partners.
- Spamming, phishing, or compromising systems you do not own.
- Physical security testing of Gokoppa facilities or offices.
βοΈ Safe Harbor
We will not pursue legal action against researchers who:
- Act in good faith.
- Follow the rules in this policy.
- Report vulnerabilities privately and responsibly.
π Recognition
We maintain a Hall of Fame page for researchers who help keep our platforms secure:
π https://www.gokoppa.com/security/hall-of-fame
If youβd like recognition, please let us know β weβre happy to credit your contributions publicly (or keep them anonymous if preferred).
π Data & Privacy
All vulnerability data will be handled confidentially in accordance with our Privacy Policy. You can read more about how we process user data and security-related information there.