Ready for impact?
contact us.

1. At Advertising Advantage, the security of our systems and services is of vital importance. We are dedicated to continually improving our systems and welcome the contribution of security researchers in identifying vulnerabilities.
2. If you believe you have identified a vulnerability in our systems or services, we encourage you to promptly report it to us in accordance with this Program.
3. For the protection of our clients and partners, we ask that you do not publicly disclose any suspected security vulnerabilities without our permission.
4. This Program should not be used to report phishing or scam emails. If you have received a hoax or phishing email which appears to have been sent by Advertising Advantage, please send it to security@adad.com.au.
5. In this Program, a reference to ‘we’, ‘our’ or ‘us’ is a reference to Advertising Advantage Pty Ltd.

1. Vulnerability research into our systems and services must be conducted in a responsible and ethical manner.
2. The following types of security research on our systems and services are prohibited:

   (a) clickjacking;

   (b) social engineering (including phishing);

   (c) sending unsolicited or unauthorised messages (such as spam);

   (d) weak or insecure SSL ciphers and certificates;

   (e) denial of service (DoS);

   (f) introduce malicious software or malware that could impact our services;

   (g) any physical attacks;

   (h) any attempts to access data that you are not authorised to;

   (i) any attempts to modify or destroy data; and

   (j) any activities that are unethical or in violation of the law.

All of Advertising Advantage’s rights in relation to activities of this nature on our systems and services are strictly reserved.

1. To confidentially report a vulnerability, please email us at security@adad.com.au.
2. To assist in our efforts to investigate and repair the vulnerability, please include as much detail regarding the method by which you produced the vulnerability as possible.
3. All reports submitted under this policy are confidential and must not be publicly disclosed without our prior written consent. By submitting a report under this policy, you agree to be bound by its terms and waive all of your rights in relation to the information contained in the report.

1. We will confirm receipt of your report.
2. The information that you provide will be used to investigate the potential security vulnerability and, if necessary, mitigate or repair the vulnerability. We may maintain communication with you and provide updates regarding the steps that we are taking in response to your report.
3. We may use the information contained in your report for the purpose of notifications to regulatory authorities or law enforcement agencies, or if required by law.

1. We recognise and thank the researchers who have contributed to the ongoing security of our systems. However, we do not compensate individuals or organisations for identifying suspected or confirmed security vulnerabilities.