Skip to main content

Security Policy

Responsible Disclosure

How We Protect You

256-bit SSL Encryption

All data transmitted between you and our servers is encrypted with bank-grade TLS 1.3 encryption.

Two-Factor Authentication

TOTP-based 2FA protects your account from unauthorized access, even if your password is compromised.

KYC/AML Compliance

Identity verification via Sumsub with document checks, liveness detection, and ongoing sanctions screening.

Security Audits

Regular penetration testing and code audits with 1,300+ security findings identified and resolved.

Smart Contract Audits

Smart contract materials are prepared for independent review, with open-source code intended to be published on the Base blockchain explorer.

GDPR Compliance

Full EU data protection compliance with data minimization, right to erasure, and transparent data processing.

Scope

This policy applies to any vulnerabilities found in the EuropaTech platform, including but not limited to:

  • The web application at europa-tech.org
  • The API at api.europa-tech.org
  • Authentication and authorization mechanisms
  • Payment processing integrations

How to Report a Vulnerability

If you discover a security vulnerability, we encourage you to report it responsibly. Please send a detailed report to security@europa-tech.org.

Your report should include:

  • A description of the vulnerability and its potential impact
  • Steps to reproduce the issue
  • Any relevant screenshots, logs, or proof of concept

Our Response Commitments

  • We will acknowledge receipt of your report within 48 hours
  • We will provide an initial assessment within 5 business days
  • We will keep you informed of our progress toward resolving the issue

Rules of Engagement

When researching vulnerabilities, please adhere to the following guidelines:

  • Do not access, modify, or delete data belonging to other users
  • Do not perform denial-of-service attacks or degrade platform performance
  • Do not exploit vulnerabilities beyond what is necessary to demonstrate the issue
  • Do not disclose vulnerabilities publicly until they have been resolved

Contact

For security-related inquiries, contact us at security@europa-tech.org