1. Security approach
Hamster Systems uses role-based permissions, special ranks, admin audit logs, ticket assignment, access approval PINs, time-limited unlocks, and operational controls to reduce risk.
2. Reporting vulnerabilities
If you discover a vulnerability, report it privately through the website contact/support routes. Include enough detail to reproduce the issue safely. Do not publicly disclose the issue until we have had reasonable time to investigate.
3. Responsible disclosure rules
- Do not access, copy, modify, delete, or disclose data that is not yours.
- Do not run destructive tests, denial-of-service attacks, spam, malware, or social engineering.
- Do not attempt persistence or privilege escalation beyond what is needed to demonstrate the issue.
4. Account security
Users should use strong passwords, protect email accounts, avoid password reuse, and report suspicious activity quickly.
5. Infrastructure
Infrastructure may be hosted in Germany/EU environments. Hosting providers, server controls, backups, logs, and access controls may be used to protect availability and data integrity.