This website uses cookies

This website uses cookies to ensure the functionality of the website. In addition, with your consent, we can use cookies to collect information on the use of the website in order to constantly improve the website. By clicking on the “Only allow essential cookies” button, you reject the use of cookies other than essential cookies. By ticking the “Statistics” and “Marketing” boxes and clicking the “Allow selection” button, you consent to the use of other cookies. All essential, marketing and statistics cookies are accepted via the “Accept all cookies” button. You can obtain differentiated information on the individual cookies in the data protection information. You can revoke your consent at any time by clicking on the “Cookie settings” button at the bottom left.



Essential cookies enable basic functions and are necessary for the website to function properly.
Statistics cookies collect information anonymously. This information helps us to understand how our visitors use our website.
Marketing cookies are used by third parties or publishers to display personalized advertisements. They do this by tracking visitors across websites.



Vulnerability Disclosure Policy

/ Parking Solutions
/ Vulnerability Disclosure Policy

Your security is our top priority.

The security of our products and services is a top priority. This Vulnerability Disclosure Policy describes how to responsibly report potential security vulnerabilities in our cloud services. We welcome reports from security researchers, customers, and partners, and commit to working with you to address findings in a timely and transparent manner.

This policy applies to:

  • entervo infinite SaaS platform
  • Web applications and APIs under *.scheidt-bachmann.net domain
  • E-Receipt Portal under *.receipt-parking.com domain

Out of scope:

  • Customer-managed on-premise deployments of entervo.core
  • Third-party services and integrations not operated by Scheidt & Bachmann Parking Solutions
  • Social engineering attacks, spam, physical attacks, denial-of-service (DoS/DDoS) testing, or automated scanning tools causing service disruption

If you are unsure whether a system is in scope, please contact us before starting any testing.

Reporting Guidelines

If you discover a vulnerability, please:

  • Email us at security@scheidt-bachmann.net
  • Encrypt sensitive details with our PGP key.
  • Provide clear information to reproduce the issue:
    • Affected product, service, or API endpoint
    • Steps to reproduce
    • Potential impact
    • Proof-of-concept (if safe)
  • Do not publicly disclose the vulnerability until it has been resolved in coordination with us.

Our Commitments

When you report a vulnerability in good faith and in line with this policy, we will:

  • Acknowledge receipt of your report within 5 business days
  • Provide a first assessment or status update within 10 business days
  • Work with you on a coordinated disclosure timeline (typically within 90 days, adjusted by severity and remediation complexity)
  • Give you recognition in our Acknowledgments page, if desired
  • Not pursue legal action for research conducted in good faith and within scope

Rules of Engagement

  • Do not access or attempt to access customer data.
  • Do not disrupt services or degrade availability.
  • Do not use automated scanning tools without prior coordination.
  • Testing must be limited to accounts you own or test accounts explicitly provided by us.
  • Do not exploit a vulnerability beyond what is required to prove its existence.

Safe Harbor

We consider security research activities conducted under this policy as authorized. If your research follows these rules of engagement, we will not initiate
legal action against you.
This safe harbor does not extend to:

  • Actions that are malicious, exploitative, or cause harm
  • Violations of laws unrelated to security research

Rewards

At this time, Scheidt & Bachmann Parking Solutions does not operate a formal bug bounty program. However, we value the efforts of security researchers
and may, at our discretion, offer compensation or other recognition for high-impact reports. All valid reports are eligible for acknowledgment on our
Acknowledgments page.

Contact

Email: security@scheidt-bachmann.net

PGP key: www.scheidt-bachmann.net/.well-known/pubkey.txt

The image shows Thomas Wallraven.

Thomas Wallraven

Sales Director 
+49 2166 266-797

wallraven.thomas@scheidt-bachmann.de

 

Scheidt & Bachmann Parking Solutions GmbH
Breite Str. 132
41238 Mönchengladbach

Contact

Fields marked with * are required
 Read privacy policy
Get free expert advice
Book an appointment