Security Vulnerability Notification

Vulnerability Disclosure Notification Process

How to notify Integra of a security issue

If you discover a vulnerability in our systems, services, or products, please notify us as quickly as possible by sending an email to: info@integramicro.com

Please include, as a minimum, the following information to help us investigate efficiently:

• Your preferred contact details (including Contact Phone number).
• A detailed description of the vulnerability.
• The time and method of its discovery.
• Specifics of the system, service, or product where the vulnerability has been discovered.
• Any other related information (e.g., code samples, logs, screenshots, proof-of-concept).

Resolution process

We will promptly investigate any reported notification issues and will undertake all required actions and measures to mitigate and/or resolve the identified vulnerability. We are committed to a timely and effective resolution.

Undertakings

By submitting a vulnerability notification to Integra, you agree to:

• Not disclose or publish the vulnerability to others before it has been fixed and before the expiration of a mutually agreed time frame.
• Not take advantage of the vulnerability, modify, download, or delete any records or data, or launch any type of attack based on the vulnerability.
• Abide by the laws and regulations related to your location.
• Comply with applicable data protection legislations, in particular by not disclosing a third party’s personal data without any valid legal ground.
• Confirm that the elements contained in the notification you are submitting do not infringe intellectual property rights of any third party (i.e., you did not copy elements available on the internet, for example).

By submitting a vulnerability notification to Integra, you agree to grant Integra an irrevocable, worldwide right to use it, gratuitously and for a period of fifty years.

Processing of Your Personal Data

When submitting your notification, you understand that Integra will process your personal data. Such processing is carried out in compliance with applicable data protection laws, and in any case, your personal data will be processed only in order to follow up on your notification. Integra undertakes not to process your personal data for any other purpose.

With whom do we share your personal data?

Your personal data will be shared with third parties only to the extent strictly necessary for the purpose of addressing the vulnerability. When relying on such third parties, be assured that Integra has entered into contractual agreements to ensure that your personal data are processed safely and strictly according to Integra’s instructions.

Furthermore, Integra affiliates or the third party at stake may be located outside of your region, thus implying a data transfer of your personal data. Where such a transfer takes place, Integra ensures appropriate safeguards are in place, aligning with our global data protection framework and commitments.

How long does Integra keep your personal data?

Integra shall keep your personal data for no longer than is necessary for the purpose(s) for which they were collected. Integra shall keep your personal data for three (3) years from the date of collection, unless a longer retention period is required or permitted by law.

What are your rights and how to exercise them?

You can request to access, rectify, or erase your personal data. You may also object to the processing of your personal data, or request that it be restricted. In addition, you can ask for the communication of your personal data in a structured, commonly used, and machine-readable format.

If you wish to exercise those rights, please contact our Data Protection Office by sending an email to the following address: info@integramicro.com. Where appropriate, we will communicate your request and/or complaint to the relevant local data protection officer.

Please note that you also have the right to lodge a complaint before a data protection authority or the competent court of law in your jurisdiction.