Book a Demo
{"products":[{"name":"Delio Core","url":"https:\/\/www.deliogroup.com\/products\/technology\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-connect-1.png","description":"Your integrated, digital private markets operating system"},{"name":"Delio Structuring ","url":"https:\/\/www.deliogroup.com\/products\/structuring\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2021\/08\/expertise.png","description":"Configurable investment vehicles for private markets"}],"solutions":[{"name":"Digitise deal distribution, reporting and client experience","url":"https:\/\/www.deliogroup.com\/how-delio-helps\/digitise-deal-distribution\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio_growth.png","description":""},{"name":"Automate transaction workflows and data insights","url":"https:\/\/www.deliogroup.com\/how-delio-helps\/automate-transaction-workflows\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio_efficiency.png","description":""},{"name":"Embed and manage robust regulatory governance","url":"https:\/\/www.deliogroup.com\/how-delio-helps\/robust-regulatory-governance\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/05\/governance.png","description":""},{"name":"Digitally embed deal structuring solutions","url":"https:\/\/www.deliogroup.com\/how-delio-helps\/embed-deal-structuring\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio_engagement.png","description":""},{"name":"Manage multiple propositions and tools via a single client interface","url":"https:\/\/www.deliogroup.com\/how-delio-helps\/non-conflicted-digital-hub\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio_reporting.png","description":""},{"name":"Enable digital institution to institution deal sharing","url":"https:\/\/www.deliogroup.com\/how-delio-helps\/deal-sharing\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-network.png","description":""}],"company":[{"name":"Our team","url":"https:\/\/www.deliogroup.com\/company\/team\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-about-us-1.png","description":"Introducing the people behind Delio"},{"name":"Careers","url":"https:\/\/www.deliogroup.com\/careers\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-careers-1.png","description":"What it's like to work at Delio"},{"name":"Our values","url":"https:\/\/www.deliogroup.com\/company\/our-values\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2023\/02\/Departments-Management-1.png","description":"How we think, behave and react"},{"name":"Contact us ","url":"https:\/\/www.deliogroup.com\/contact-us\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/05\/delio-connect-1.png","description":"How to get in touch"}],"insights":[{"name":"News","url":"https:\/\/www.deliogroup.com\/news\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-platform-1.png","description":"The latest private markets and tech news"},{"name":"Resources","url":"https:\/\/www.deliogroup.com\/resources\/","icon":"https:\/\/www.deliogroup.com\/wp-content\/uploads\/2020\/06\/delio-consultancy-1.png","description":"Our industry research, briefings and more"}]}

Overview

At Delio, we consider the security of our systems a top priority. However, no technology is perfect and Delio believes that working with skilled security researchers across the globe is very important in identifying weaknesses in any technology. If you believe you’ve found a security issue in our product or service, we appreciate your help in disclosing it to us in a responsible manner. We welcome working with you to resolve the issue promptly.

Delio will engage with security researchers when vulnerabilities are reported to us as described here. We will validate, respond, and fix vulnerabilities in support of our commitment to security and privacy. We won’t take legal action against, suspend, or terminate access to the Service of those who discover and report security vulnerabilities responsibly. Delio reserves all of its legal rights in the event of any non-compliance.

As thanks for your help, we offer a reward for every report of a security problem that is not known to us. We determine the value of the reward on the basis of the seriousness of the breach and the quality of the report.

Reporting

Share the details of any suspected vulnerabilities with the Delio Security Team by filing a report. Please do not publicly disclose these details outside of this process without explicit permission. In reporting any suspected vulnerabilities, please include the following information:

  • Vulnerable URL – the endpoint where the vulnerability occurs;
  • Vulnerable Parameter – if applicable, the parameter where the vulnerability occurs;
  • Vulnerability Type – the type of the vulnerability;
  • Steps to Reproduce – step-by-step information on how to reproduce the issue;
  • Screenshots or Video – a demonstration of the attack; and
  • Attack Scenario – an example attack scenario may help demonstrate the risk and get your issue resolved faster.

Reports that carry an acceptable risk but demonstrate a valid security-related behavior will be closed as informative. Submissions that don’t present a security risk, are false positives, or are out of scope will be closed as N/A.

Identical reports will be marked as “Duplicate[s]” of the original submission; the original report can be marked as (but not limited) to “Triaged”, “N/A”, or “Informative.”

While we currently do not have a formal vulnerability reporting system in place at this time, please reach out to security@deliogroup.com to report any critical issues you may discover. Please encrypt any sensitive data with our PGP key.

Disclosure policy

  • Let us know as soon as possible upon discovery of a potential security issue, and we’ll make every effort to quickly resolve the issue.
  • Provide us a reasonable amount of time to resolve the issue before any disclosure to the public or a third-party.
  • Make a good faith effort to avoid privacy violations, destruction of data, and interruption or degradation of our service. Only interact with accounts you own or with explicit permission of the account holder.
  • Submissions may be closed if a researcher is non-responsive to requests for information after 14 days.

Exclusions

In no event are you permitted to access, download or modify data residing in any other Account, or one that is not registered to you. While researching, we’d like to ask you to refrain from:

  • Executing or attempting to execute any “Denial of Service” attack.
  • Actions which affect the integrity or availability of program targets are prohibited and strictly enforced. If you notice performance degradation on the target systems, you must immediately suspend all use of automated tools.
  • Social engineering (including phishing) of Delio staff or contractors
  • Any physical attempts against Delio property or data centers
  • Knowingly posting, transmitting, uploading, linking to, sending or storing any Malicious Software.
  • Testing in a manner that would result in the sending of unsolicited or unauthorized junk mail, spam, pyramid schemes or other forms of duplicative or unsolicited messages.
  • Testing or otherwise accessing or using the Service from any jurisdiction that is a Prohibited Jurisdiction.
  • Testing third party applications or websites or services that integrate with or link to the Service.

Our commitment

We ask that you do not share or publicise an unresolved vulnerability with/to third parties. If you responsibly submit a vulnerability report, the Delio security team and associated development organizations will use reasonable efforts to:

  • Acknowledge receipt of your vulnerability report in a timely manner
  • Provide an estimated time frame for addressing the vulnerability report
  • Notify you when the vulnerability is fixed

As a token of our gratitude for your assistance, we offer a reward for every report of a security problem that was not yet known to us. The amount of the reward will be determined based on the severity of the leak and the quality of the report.