At PIERER Mobility AG, we prioritize the safety and security of our customers above all else. Despite our efforts to implement the best possible security measures, vulnerabilities may still be present in our products, services, or systems. If you have identified any vulnerabilities, we encourage you to report them so that we can promptly address them.
Reports are accepted for evaluation if they refer to websites, services, or vehicles of the PIERER Mobility Group.
To disclose a potential vulnerability, please send your results to vulnerability@pierermobility.com using PGP or S/MIME. The corresponding public key can be downloaded here.
We try to respond to your report within five business days with a first acknowledgement and try to complete our internal analysis within ten business days.
In case we need additional information, we will reach out to you. Additionally, we will keep you updated on the status of the vulnerability.
Please be aware that the timelines mentioned may not be guaranteed. Nonetheless, our security team will endeavor to keep you informed about the progress of any reported vulnerabilities.
Please note that addressing a vulnerability in a vehicle differs significantly from handling vulnerabilities in classic IT systems. Vehicles are subject to stringent legal requirements and safety standards. Consequently, developing a potential patch for a vehicle may involve a longer timeframe.
All personal data in connection with a vulnerability report will be processed in accordance to PIERER Mobility Group’s internal data privacy procedures and in compliance with all applicable laws.
The following data may be processed by the responsible vulnerability team (if provided):
Data retention depends on the result of the investigation, however, and can differ depending on local legal requirements. When: