VULNERABILITY DISCLOSURE POLICY

If you believe you have found a security vulnerability on one of our web sites or in our apps, we thank you in advance for letting us know right away. We will investigate all legitimate reports and do our best to quickly fix any problem.

Below you will find the best way to report a security vulnerability, while if you are looking to report a privacy issue, please contact our privacy officer as described on Ferrero Privacy Policy.

We will not pursue legal action, nor initiate a complaint to law enforcement, against the finder/researcher operating in good faith. However, the Ferrero Group reserves all legal rights in the event of noncompliance to the Guidelines for Operating in Good Faith that follow.

GUIDELINES FOR OPERATING IN GOOD FAITH

As a proof of good faith, we expect from you an ethical behavior making every effort to:

  -   Avoid disruptive actions against Ferrero systems.
  -   Keep the information related to the discovered vulnerability confidential for a reasonable time period to allow our technical department to resolve the issue.
  -   Avoid privacy violation or any destruction, modification or exfiltration of Ferrero data.
  -   Avoid leveraging the vulnerability in the attempt to reach further systems or services, or to establish persistence (backdoor/command line access).
  -   Not violate any other applicable laws or regulations.

OUT OF SCOPE

The following vulnerabilities are out of scope for submittal under the Vulnerability Disclosure Policy:

  -   Spam or social engineering techniques.
  -   Denial-of-service attacks.
  -   Brute force credential compromise.
  -   Content injection posting content on Ferrero websites.
  -   Physical access testing (e.g., facility access, tailgating, device theft).

CONTACT INFORMATION

If you believe you have discovered a security vulnerability in one of our assets, we encourage you to notify us through our Vulnerability Disclosure Program.

Ferrero begyndte sin rejse i den lille by Alba i Piemonte, Italien, i 1946. I dag er virksomheden en af verdens største inden for færdigpakkede søde fødevarer med populære brands, der sælges i mere end 170 lande. Ferrero-koncernen glæder mennesker over hele verden med populære produkter som f.eks. Nutella®, Kinder®, Tic Tac® og Ferrero Rocher®. Omkring 47.000 medarbejdere brænder for at hjælpe mennesker med at fejre livets særlige øjeblikke. Ferrero-koncernens familiekultur – nu tredje generation – er forankret i dedikation til kvalitet, stræben efter det ypperste, historie og en forpligtelse over for planeten og de lokalsamfund, vi opererer i.