File: /var/www/quadcode.com/dist/vulnerability-disclosure-policy.html
<!DOCTYPE html>
<html lang="en">
<head>
<base href="/"/>
<meta name="viewport" content="width=device-width, initial-scale=1.0">
<meta content="true" name="HandheldFriendly"/>
<meta content="width" name="MobileOptimized"/>
<meta content="yes" name="apple-mobile-web-app-capable"/>
<title>Quadcode - Vulnerability Disclosure Policy</title>
<!-- STAR FAVICON -->
<link rel="shortcut icon" type="image/x-icon" href="./assets/static/favicon.ico">
<!-- END FAVICON -->
<meta name="description" content="">
<script defer src="main.55b63b83b8b869af5048.js"></script><link href="main.55b63b83b8b869af5048.css" rel="stylesheet"></head>
<style>
.skip-animation * {
transition-duration: 0ms !important;
}
</style>
<script src="https://code.createjs.com/1.0.0/createjs.min.js"></script>
<body class="skip-animation js-history-animation">
<script>
const skip = document.querySelector('.skip-animation');
skip.classList.remove('skip-animation');
</script>
<div id="root">
<!-- START PRELOADER -->
<div class="loader-body loader-body--active" id="loader"> <div id="preloader_animation_container" class="loader-body__loader"> </div> </div>
<!-- END PRELOADER -->
<!-- START HEADER -->
<header class="header"> <div class="header__span"></div> <div class="container"> <div class="header__list"> <div class="header__item"> <div class="logo header__logo"> <a href="/"></a> </div> </div> <div class="header__item header__item_disable"> <div class="dropdown"> <div class="dropdown__btn"> <div class="dropdown__text">B2B Brokerage</div> <div class="dropdown__arrow"> <div class="dropdown__arrow-item dropdown__arrow-item_up"></div> <div class="dropdown__arrow-item dropdown__arrow-item_down"></div> </div> </div> <div class="dropdown__list"> <div class="dropdown__items"> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Trading Platform</a> </div> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Back office</a> </div> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Model & Pricing</a> </div> </div> </div> </div> <div class="dropdown"> <div class="dropdown__btn"> <div class="dropdown__text">Technologies</div> <div class="dropdown__arrow"> <div class="dropdown__arrow-item dropdown__arrow-item_up"></div> <div class="dropdown__arrow-item dropdown__arrow-item_down"></div> </div> </div> <div class="dropdown__list"> <div class="dropdown__items"> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Software as a service</a> </div> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Data security</a> </div> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Integration</a> </div> </div> </div> </div> <div class="dropdown"> <div class="dropdown__btn"> <div class="dropdown__text">Company</div> <div class="dropdown__arrow"> <div class="dropdown__arrow-item dropdown__arrow-item_up"></div> <div class="dropdown__arrow-item dropdown__arrow-item_down"></div> </div> </div> <div class="dropdown__list"> <div class="dropdown__items"> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Team</a> </div> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Events</a> </div> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Blog</a> </div> <div class="dropdown__item"> <a href="/under-construction" class="dropdown__link">Contacts</a> </div> </div> </div> </div> </div> <div class="header__item header__item_lang"> <div class="lang"> <div class="lang__container"> <div class="lang__btn"> <div class="lang__text">Eng</div> <div class="lang__icon"> <div class="lang__arrow lang__arrow-down"></div> <div class="lang__arrow lang__arrow-up"></div> </div> </div> <div class="lang__list"> <div class="lang__inner"> <div class="lang__item"><a href="#" class="lang__link">Deu</a></div> <div class="lang__item"><a href="#" class="lang__link">Esp</a></div> <div class="lang__item"><a href="#" class="lang__link">Fra</a></div> <div class="lang__item"><a href="#" class="lang__link">Ita</a></div> <div class="lang__item"><a href="#" class="lang__link">Por</a></div> </div> </div> </div> </div> </div> <div class="btn-burger"> <svg width="18" height="14" viewBox="0 0 18 14" fill="none" xmlns="http://www.w3.org/2000/svg"> <rect width="18" height="2" fill="#E62334"/> <rect y="6" width="18" height="2" fill="#E62334"/> <rect y="12" width="18" height="2" fill="#E62334"/> </svg> </div> </div> </div> </header>
<!-- END HEADER -->
<div class="terms-conditions">
<div class="container">
<div class="terms-conditions__title titleM">
<h1>Vulnerability Disclosure Policy</h1>
</div>
<div class="terms-conditions__term">
<p>QHL QUAD CODE HOLDING LIMITED, is a software development company registered in the Republic of Cyprus
with company registration number HE390331 and having its registered office at Spyrou Kyprianou &
Evgeniou Voulgareos Kato Polemidia, 4153, Limassol, Cyprus, together with its affiliated entities
(Quadcode). Quadcode provides software services and in particular a trading platform offering
comprehensive brokerage solutions to trading entities (Software). Quadcode is committed to
protecting the privacy and security of users of its software tools. This Vulnerability Disclosure
Program (Program)
welcomes investigative work into security in-scope Vulnerabilities (as defined below) carried out by
well-intentioned and ethical security researchers who discover in good faith Software in-scope
Vulnerabilities
in the Software, subject to the terms and conditions herein contained. Participants acting in
accordance with the terms and conditions of these Terms and will be rewarded with a Benefit (as
defined below) in
exchange for their findings.</p>
</div>
<div class="terms-conditions__term">
<p>PROGRAM TERMS</p>
</div>
<div id="t1" class="terms-conditions__term">
<h2>1. ACCEPTANCE OF TERMS AND OTHER</h2>
<p>1.1 Your participation in the Program is voluntary and subject to the terms and conditions herein
contained (Terms).</p>
<p><br>
1.2 By submitting a Submission (as defined below) for a vulnerability to Quadcode, you acknowledge
that you have read and agreed to these Terms.<br>
<br>
1.3 These Terms are additional and supplementary to any other agreement in which you have entered
with any of the entities whose trading platform is operated by the Software (“Agreements”).<br>
<br>
1.4 The terms of the Agreements will at all times apply to your use of the services under the
Agreements and are autonomous and independent from the Terms of this Program. If there is any
inconsistency
between the terms of the Agreements and these Terms, the Terms will override solely in relation to
the Program.<br>
<br>
1.5 In an effort to encourage you in making responsible Submissions and Submissions made in good
faith, Quadcode commits that, if, upon our sole discretion, we decide that a submission made by you
has been
made
in accordance with the guidelines of these Terms, Quadcode will not bring a private action against
you or refer a matter for public inquiry.<br>
<br>
1.6 IMPORTANT: as part of your research, you are not allowed to modify any files or data, including
permissions, and you are not allowed intentionally to view or access any data which is not required
for your
research.</p>
</div>
<div id="t2" class="terms-conditions__term">
<h2>2. ELIGIBILITY REQUIREMENTS AND YOUR COVENANTS</h2>
<p>2.1 Eligibility Requirements: In order for you to be eligible to participate in this Program and by
extension, to receive a Benefit, YOU MUST NOT:</p>
<ol style="list-style-type:lower-alpha">
<li>
<p>be employed by Quadcode, its subsidiaries or its affiliates entities, or an employee and/or
service provider of any of the entities operated by the Software</p>
</li>
<li>
<p>be an immediate family member of a person employed and/or providing services to Quadcode, its
subsidiaries or its affiliates, or of any of the entities operated by the Software,</p>
</li>
<li>
<p>be a minor, in accordance with the country in which you are a resident. Usually this is over
18 years of age. If you are considered a minor in the country you are a resident, then you
must get your
parents’
or legal guardian’s permission before participating in the Program, and make any Submissions
in relation to Vulnerabilities that are not original, have been previously reported, and
already discovered by
internal procedures,</p>
</li>
</ol>
<p>Subject to the above, if it comes to the knowledge of Quadcode or Quadcode has reasonable grounds to
believe that you meet any of the above requirements, you will be removed from the Program, you will
be
disqualified and will not receive any Benefit.</p>
<p>2.2 Covenants: By the accepting the Terms you confirm, acknowledge, agree and covenant to Quadcode
that you shall not, or assist any other party, to:</p>
<ol style="list-style-type:lower-alpha">
<li>
<p>without the prior written approval of Quadcode, disclose in any way, either to the public
(including via: websites, social networks, forums, blogs, online magazines, and similar) or
any other third
person/entity, the content of your Submission, any findings of your research for a potential
Submission or for an actual Submission (collectively the “Content”),</p>
</li>
</ol>
<p style="margin-left:18pt">(b) use in any way the Content for any other purpose other for the purposes
described herein and to make a Submission,</p>
<p style="margin-left:18pt">(c) modify any files or data, including permissions, and you are not allowed
intentionally to view or access any data which is not required for your research,</p>
<p style="margin-left:18pt">(d) interact with, access, use or modify in any way any trading
accounts of the Software users (real or demo) or their data,</p>
<p style="margin-left:18pt">(e) interrupt or disturb the operation of the Software or the provision of
the services by Quadcode, in any way, and</p>
<p style="margin-left:18pt">(f) violate any other applicable laws and/or regulations and/or or any
existing regulatory documents, including those of QuadcCode.</p>
<p>2.3 Without prejudice to Quadcode’s rights and/or without limiting any other remedies available to
Quadcode under applicable laws, if it comes to the knowledge of Quadcode or Quadcode has reasonable
grounds
to
believe that you meet any of the above requirements, you will be removed from the Program, you will
be disqualified and will not receive any Benefit.</p>
</div>
<div id="t3" class="terms-conditions__term">
<h2>3. SOFTWARE SCOPE</h2>
<p>3.1 Only the entities operated by the Software are in scope, in particular:</p>
<p style="margin-left:31.5pt">(a) Web applications:<br>
*.iqoption.com</p>
<p style="margin-left:31.5pt"> *eu.iqoption.com<br>
*quadcodemarkets.com</p>
<p style="margin-left:31.5pt"> *quadcodemarkets.com.au</p>
<p style="margin-left:31.5pt"> *trade.quadcodemarkets.com</p>
<p style="margin-left:31.5pt">(b) Desktop applications of the above;</p>
<p>(c) Mobile application:<br>
IQOPTION iOS Application</p>
<p style="margin-left:45pt">Quadcode Markets iOS Application</p>
<p style="margin-left:49.5pt">Quadcode Markets Android Application</p>
<p style="margin-left:49.5pt">Quadcode Markets Desktop Application</p>
<p> </p>
<p>3.2 Any software or acquisitions not listed above are not in-scope, including without limitation to
the following:</p>
<p style="margin-left:36pt">(a) my.iqoption.com</p>
<p style="margin-left:72pt">(b) cpa.iqopption.com</p>
<p style="margin-left:72pt">(c) blog.iqoption.com</p>
<p style="margin-left:72pt">(d) blog. quadcodemarkets.com</p>
</div>
<div id="t4" class="terms-conditions__term">
<h2>4. RESPONSE TIME</h2>
<p>Quadcode shall make best efforts to respond within the following time intervals to Submissions:</p>
<p> </p>
<table align="left">
<tbody>
<tr>
<td>
<p>QUADCODE TYPE OF RESPONSE</p>
</td>
<td>
<p>RESPONSE TIME (in business days)</p>
</td>
</tr>
<tr>
<td>
<p>First Response</p>
</td>
<td>
<p>3</p>
</td>
</tr>
<tr>
<td>
<p>Time to Assess Submission Response</p>
</td>
<td>
<p>7 following First Response</p>
</td>
</tr>
<tr>
<td>
<p>Time to pay Benefit following Assessment of Submission</p>
</td>
<td>
<p>up to 30 from Assessment Response (subject to paragraph 8.4)</p>
</td>
</tr>
<tr>
<td>
<p>Time to Resolution</p>
</td>
<td>
<p>Depends on severity and complexity</p>
</td>
</tr>
</tbody>
</table>
<div style="clear:both;"> </div>
</div>
<div id="t5" class="terms-conditions__term">
<h2>5. SCOPE FOR QUADCODE WEB APPLICATION</h2>
<p>5.1In-scope vulnerabilities:</p>
<p style="margin-left:18pt">(a) Injections</p>
<p style="margin-left:18pt">(b) Broken Authentication</p>
<p style="margin-left:18pt">(c) Sensitive Data Exposure</p>
<p style="margin-left:18pt">(d) XML External Entities</p>
<p style="margin-left:18pt">(e) Broken Access Control</p>
<p style="margin-left:18pt">(f) Security Misconfiguration with a demonstration of how to exploit it</p>
<p style="margin-left:18pt">(g) Cross-Site Scripting</p>
<p style="margin-left:18pt">(h) Insecure Deserialization</p>
<p> </p>
<p>5.2 Out-of-Scope vulnerabilities:</p>
<p style="margin-left:18pt">The following shall be considered as out of scope vulnerabilities for the
web application:</p>
<ol style="list-style-type:lower-alpha">
<li>
<p>Social engineering (including phishing) of any employee, contractors andor client
of Quadcode and/or of the entities operated by the Software;</p>
</li>
<li>
<p>Messages from security scanners and other automated systems;</p>
</li>
<li>
<p>Content spoofing and text injection issues without showing an attack vector/without being
able to modify HTML/CSS;</p>
</li>
<li>
<p>Weak password policies;</p>
</li>
<li>
<p>Mail configuration issues including SPF, DKIM, DMARC settings;</p>
</li>
<li>
<p>Host header injection without exploitation;</p>
<ol style="list-style-type:lower-roman">
<li>
<p>CRLF and Host header injection without exploitation</p>
</li>
</ol>
</li>
<li>
<p>DNSSEC configuration;</p>
</li>
<li>
<p>Clickjacking;</p>
</li>
<li>
<p>Unauthenticated/logout/login/signup, enable/disable notification CSRF;</p>
</li>
<li>
<p>Previously known vulnerable libraries without a working Proof of Concept;</p>
</li>
<li>
<p>Missing best practices in SSL/TLS configuration;</p>
</li>
<li>
<p>Missing best practices in HTTP headers configuration without a working Proof of Concept;</p>
<ol style="list-style-type:lower-roman">
<li>
<p>Strict-Transport-Security</p>
</li>
<li>
<p>X-Frame-Options</p>
</li>
<li>
<p>X-XSS-Protection</p>
</li>
<li>
<p>X-Content-Type-Options</p>
</li>
<li>
<p>Content-Security-Policy, X-Content-Security-Policy, X-WebKit-CSP</p>
</li>
<li>
<p>Content-Security-Policy-Report-Only</p>
</li>
</ol>
</li>
<li>
<p>Network disruption of service (DoS) attacks (i.e. connection floods, HTTP GET floods,
etc);</p>
</li>
<li>
<p>Path disclosure;</p>
</li>
<li>
<p>Reports about the absence of a protection mechanism or non-compliance with
recommendations;</p>
</li>
<li>
<p>CSP (content security policy);</p>
</li>
<li>
<p>SSL Issues, e.g.</p>
<ol style="list-style-type:lower-roman">
<li>
<p>SSL Attacks such as BEAST, BREACH, Renegotiation attack</p>
</li>
<li>
<p>SSL Forward secrecy not enabled</p>
</li>
<li>
<p>SSL weak / insecure cipher suites</p>
</li>
</ol>
</li>
<li>
<p>CSRF on forms that are available to anonymous users (e.g. the contact form);</p>
</li>
<li>
<p>Logout Cross-Site Request Forgery (logout CSRF);</p>
</li>
<li>
<p>Presence of application or web browser ‘autocomplete’ or ‘save password’ functionality;</p>
</li>
<li>
<p>Lack of Secure/HTTPOnly flags on non-sensitive cookies;</p>
</li>
<li>
<p>Lack of Security Speedbump when leaving the site;</p>
</li>
<li>
<p>Weak Captcha / Captcha Bypass;</p>
</li>
<li>
<p>Forgot/Change Password page brute force and account lockout not enforced</p>
</li>
<li>
<p>OPTIONS HTTP method enabled; </p>
</li>
<li>
<p>CORS;</p>
</li>
<li>
<p>Username / email enumeration: </p>
<ol style="list-style-type:lower-roman">
<li>
<p>via Login Page error message</p>
</li>
<li>
<p>via Forgot Password error message</p>
</li>
</ol>
</li>
<li>Currently we don’t accepts CSRF</li>
</ol>
</div>
<div id="t6" class="terms-conditions__term">
<h2>6. SCOPE OF MOBILE APPLICATION</h2>
<p>6.1 In-scope Vulnerabilities.<br>
In addition to in-scope vulnerabilities stated above, the following will also be considered as
in-scope vulnerabilities for the mobile application, which shall include:</p>
<p style="margin-left:18pt">(a) Insecure Data Storage;</p>
<p style="margin-left:18pt">(b) Insecure Communication;</p>
<p style="margin-left:18pt">(c) Insecure Authentication; and</p>
<p style="margin-left:18pt">(d) Insecure Authorisation.</p>
<p> </p>
<p>6.2 Out-of-Scope Vulnerabilities.<br>
The following shall be considered as out of scope vulnerabilities for mobile applications:</p>
<ol style="list-style-type:lower-alpha">
<li>
<p>Social engineering (including phishing) of any employee, contractors andor client
of Quadcode and/or of the entities operated by the Software;</p>
</li>
<li>
<p>Missing best practices in SSL/TLS configuration;</p>
</li>
</ol>
<p style="margin-left:18pt">(c) Missing best practices in HTTP headers configuration without a working
Proof of Concept;</p>
<p style="margin-left:18pt">(d) Reports about the absence of a protection mechanism or non-compliance
with recommendations.</p>
<p> </p>
<p>6.2.1 for Android apps</p>
<ul style="list-style-type:disc">
<li>
<p>Shared links leaked through the system clipboard.</p>
</li>
<li>
<p>Any URIs leaked because a malicious app has permission to view URIs opened</p>
</li>
<li>
<p>Absence of certificate pinning</p>
</li>
<li>
<p>Sensitive data in URLs/request bodies when protected by TLS</p>
</li>
<li>
<p>User data stored unencrypted on external storage</p>
</li>
<li>
<p>Lack of obfuscation is out of scope</p>
</li>
<li>
<p>oauth "app secret" hard-coded/recoverable in apk</p>
</li>
<li>
<p>Crashes due to malformed Intents sent to exported Activity/Service/BroadcastReceive
(exploiting these for sensitive data leakage is commonly in scope)</p>
</li>
<li>
<p>Any kind of sensitive data stored in app private directory</p>
</li>
<li>
<p>Lack of binary protection control in android app<br>
</p>
</li>
</ul>
<p>6.2.2 for iOS apps</p>
<ul style="list-style-type:disc">
<li>
<p>Lack of Exploit mitigations ie PIE, ARC, or Stack Canaries</p>
</li>
<li>
<p>Absence of certificate pinning</p>
</li>
<li>
<p>Path disclosure in the binary</p>
</li>
<li>
<p>User data stored unencrypted on the file system</p>
</li>
<li>
<p>Lack of obfuscation is out of scope</p>
</li>
<li>
<p>Lack of jailbreak detection is out of scope</p>
</li>
<li>
<p>oauth "app secret" hard-coded/recoverable </p>
</li>
<li>
<p>Crashes due to malformed URL Schemes</p>
</li>
<li>
<p>Lack of binary protection (anti-debugging) controls</p>
</li>
<li>
<p>Snapshot/Pasteboard leakage</p>
</li>
<li>
<p>Runtime hacking exploits (exploits only possible in a jailbroken environment)</p>
</li>
</ul>
</div>
<div id="t7" class="terms-conditions__term">
<h2>7. SUBMISSION REQUIREMENTS</h2>
<p>7.1 In order to be eligible to receive a Benefit for a submission made under these Terms, your
submission should Include a report with all of the following information (Submission). A
well-written report
will
allow us to more quickly and accurately assess your submission: </p>
<p style="margin-left:22.5pt">(a) Each report must relate to one Vulnerability, unless many
vulnerabilities are concerned and therefore need be included in order to accurately describe the
impact of that one
Vulnerability being reported, but again this will be treated as one Submission for the purposes of a
Benefit,<br>
(b) Full description of the Vulnerability being reported, including the exploitability and
impact,<br>
(c) Full description of the component of the Software in which the Vulnerability was discovered,<br>
(d) Evidence and explanation of all steps required to reproduce the submission, which may include
videos, screenshots, exploit code, traffic logs, web/API requests and responses, email address or
user ID of
any
test accounts, IP address used during testing,<br>
(e) Proposals for the rectification and fix of the Vulnerability being reported,<br>
(f) Full description of any unintentional access taking place during your research/testing, to any
confidential information of Quadcode or of any trading accounts (real or demo) of the users of the
entities
operated by Quadcode, and<br>
(g) Multiple Vulnerabilities caused by one underlying issue will be treated as one Submission for
the purposes of a Benefit.</p>
<p>7.2 Submit the above report to security@quadcode.com</p>
<p> </p>
<p>7.3 Failure to follow all of the above steps and include any of the above items may delay or
jeopardize the acceptance of a Submission and/or the payment of a Benefit (if any).<br>
</p>
</div>
<div id="t8" class="terms-conditions__term">
<h2>8. BENEFIT PAYMENT</h2>
<p>8.1 You shall be eligible to receive a monetary reward (Benefit), if:</p>
<ol style="list-style-type:decimal">
<li>
<p>You are the first person to submit an in-scope Vulnerability being reported,</p>
</li>
<li>
<p>That Vulnerability is determined by Quadcode’s security team, to be a valid security
issue,</p>
</li>
<li>
<p>You have complied with all terms and conditions of these Terms, and</p>
</li>
<li>
<p>You are in compliance with the Terms.<br>
</p>
</li>
</ol>
<p>8.2 Benefits, if any, shall be determined in the sole discretion of Quadcode and in no event shall
Quadcode be under any obligation to pay you a Benefit for any Submission. All Benefit payments shall
be
considered gratuitous.<br>
<br>
8.3 Quadcode shall determine the amount of any Benefit, based on the risk and impact of the
Vulnerability reported. The minimum Benefit for a validated Submission, shall be USD200 and the
maximum
USD2000.<br>
<br>
8.4 The only payment method acceptable for the payment of any Benefits hereunder shall be via bank
wire transfer to your bank account. In order to be able to process any Benefit payments, you will be
required
to provide us upon request a valid Account and IBAN number into which the Benefit shall be paid and
any other information we may consider necessary. Payment of the Benefit into the Bank Account, shall
constitute full and unequivocal satisfaction of any obligations we may have against you in reference
to a Benefit (if any).<br>
<br>
8.5 All Benefits will be made in USD in accordance with the Response Time, and you will be
responsible for any tax implications or other implications related to the payment of the Benefit to
you.<br>
<br>
8.6 Quadcode retains the right to determine upon its sole discretion, whether a Vulnerability
submitted under this Program is eligible. All determinations as to the amount of the Benefit made by
Quadcode,
are
final and shall not be challenged by you. Benefit calculations are made on the basis and shall range
in accordance with, the classification and sensitivity of the data impacted, ease of exploit and
overall
risk
to Quadcode’s clients, Quadcode brand and determined to be a valid security issue by Quadcode’s
security engineers/team.</p>
</div>
<div id="t9" class="terms-conditions__term">
<h2>9. OWNERSHIP OF SUBMISSION (LICENSE)</h2>
<p>9.1 As a condition for your participation in the Quadcode Program, you hereby grant Quadcode, its
subsidiaries, affiliates and customers a perpetual, irrevocable, worldwide, royalty-free,
transferrable,
sublicensable (through multiple tiers) and exclusive license to use, reproduce, adapt, modify,
publish, distribute, publicly perform, create derivative work from, make, use, sell, offer for sale
and import
the
Submission, as well as any materials submitted to Quadcode in connection therewith, for any purpose
(License).<br>
<br>
9.2 You should not make any Submissions with us, you do not wish to License to us as described
above.<br>
<br>
9.3 In addition to your covenant indicated above, you further represent and warrant to Quadcode that
any Submission made by you is original, developed by you, you own all right, title and interest in
and to
any
such Submission.<br>
<br>
9.4 Waiver: by Accepting the Terms and making a Submission, you hereby irrevocably waive all claims,
current or future, of any nature, including express or implied, in contract or otherwise, arising
out of
any
disclosure of the Submission to Quadcode and/or any right attaching to any Submission.<br>
<br>
9.5 In no event shall Quadcode be restricted and/or prohibited from discussing, developing itself,
having developed, or developing for third parties, materials which are competitive with those set
forth in
any
Submission irrespective of their similarity to the information in the Submission, so long as
Quadcode complies with the terms of participation stated in these Terms.</p>
</div>
<div class="terms-conditions__term">
<h2>10. TERMINATION</h2>
<p>In the event where (a) you breach any of these Program Terms or where (b) Quadcode determines, in its
sole discretion that your continued participation in the Program could adversely impact Quadcode
(including, but not limited to, presenting any threat to Quad Code’s systems, security, finances
and/or reputation), Quadcode may immediately terminate your participation in the Program and
disqualify you
from
receiving any Benefit.</p>
</div>
<div class="terms-conditions__term">
<h2>11. CONFIDENTIALITY</h2>
<p>11.1 The Quadcode takes security and data protection very seriously. We strive to create the most
secure infrastructure of any broker in the world and protecting our clients is our highest
priority.
Any
information you receive or collect about Quadcode or any Quadcode user through the Program
(Confidential Information) must be kept confidential and only used in connection with the Program.
You may not use,
disclose or distribute any such Confidential Information, including, but not limited to, any
information regarding your Submission and information you obtain when researching the Software,
without
Quadcode’s
prior written consent.<br>
<br>
11.2 The participant to this Program hereby acknowledges, agrees and undertakes: </p>
<ol style="list-style-type:lower-alpha">
<li>
<p>that any Confidential Information must be kept confidential and only used in connection with
the Program. The participant may not use, disclose or distribute any such Confidential
Information,
including,
but not limited to, any information regarding your Submission and information you obtain
when researching the Software, without Quadcode’s prior written consent. </p>
</li>
<li>
<p>to protect such Confidential Information with at least the same degree of care that the
participant uses to protect its own Confidential Information, but in no case, less than
reasonable care,</p>
</li>
<li>
<p>use the disclosing party’s Confidential Information for no purpose other than the use
permitted by the disclosing party; and </p>
</li>
<li>
<p>immediately notify disclosing party upon discovery of any loss or unauthorized disclosure of
disclosing party’s Confidential Information</p>
</li>
</ol>
<p>11.3 At the request of the Quadcode the participant shall:</p>
<ol style="list-style-type:lower-alpha">
<li>
<p>destroy or return to all documents and materials (and any copies) containing, reflecting,
incorporating or based on the other the Confidential Information,</p>
</li>
<li>
<p>erase all the Confidential Information from computer and communications systems and devices
used by it, including such systems and data storage services provided by third parties (to
the extent
technically
and legally practicable), and</p>
</li>
<li>
<p>certify in writing to Quadcode that it has complied with the requirements of this clause.</p>
</li>
</ol>
<p>11.4 Provided that the participant shall not use the Confidential Information for any purpose other
than to exercise its rights and perform its obligations under or in connection with these Terms.</p>
</div>
<div class="terms-conditions__term">
<h2>12. INDEMNITY</h2>
<p>In addition to any indemnification obligations you may have under the Agreements, you agree to at all
times defend, indemnify and hold Quadcode, its subsidiaries, affiliates, officers, directors,
agents,
joint
ventures, employees and suppliers, harmless from any claim or demand (including attorneys’ fees)
made or incurred by any third party due to or arising out of your Submissions, your breach of these
Terms
and/or
your improper use of the Program.</p>
</div>
<div id="t13" class="terms-conditions__term">
<h2>13. LIMITATION OF LIABILITY</h2>
<p>If you have any basis of recovering damages in connection with this Program (including breach of
these Terms), you agree that your exclusive remedy is to recover, from the Quadcode or any
subsidiaries,
affiliates, resellers, distributors, third- party providers and vendors direct damages up to $100,00
(hundred USD). You cannot recover any other damages or losses, including direct, consequential, lost
profits,
special, indirect, incidental or punitive. These limitations and exclusions apply even if this
remedy does not fully compensate you for any losses or fails of its essential purpose or if we knew
or should
have
known about the possibility of the damages. To the maximum extent permitted by law, these
limitations and exclusions apply to anything or any claims related to these Terms and the Program. </p>
</div>
<div id="t14" class="terms-conditions__term">
<h2>14. APPLICABLE LAW AND JURISDICTION</h2>
<p>The Terms and all transactional relations between the participant and Quadcode shall be
governed by and construed in accordance with the laws of the Republic of Cyprus and the parties
agree that all
disputes shall be finally settled in the courts of the Republic of Cyprus.</p>
</div>
<div id="t15" class="terms-conditions__term">
<h2>15. LEGAL – CHANGE OF PROGRAM TERMS</h2>
<p>The Program, including its policies, is subject to change or cancellation by Quadcode at any time,
without notice. Quadcode may amend these Terms and/or its policies at any time by posting a revised
version on
our website. By continuing to participate in the Program after Quadcode posts any such changes, you
accept the Program Terms, as modified.</p>
</div>
<p>QUADCODE RESERVES ALL OF ITS LEGAL RIGHTS AND REMEDIES</p>
</div>
</div>
<!-- START FOOTER -->
<footer class="footer"> <div class="container"> <div class="footer__row footer__row_first"> <div class="footer__block"> <a href="/under-construction" class="footer__block-header">B2B Brokerage</a> <div class="footer__block-body"> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Trading Platform</a> </div> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Back office</a> </div> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Model & Pricing</a> </div> </div> </div> <div class="footer__block"> <a href="/under-construction" class="footer__block-header">Technologies</a> <div class="footer__block-body"> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Software as a service</a> </div> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Data security</a> </div> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Integration</a> </div> </div> </div> <div class="footer__block"> <a href="/under-construction" class="footer__block-header">Company</a> <div class="footer__block-body"> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Team</a> </div> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Events</a> </div> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Blog</a> </div> <div class="footer__block-item"> <a href="/under-construction" class="footer__block-link">Contacts</a> </div> </div> </div> <div class="social"> <div class="social__items"> <div class="social__item social__item_twitter"><a href="https://twitter.com/Quadcode_SaaS" target="_blank"></a></div> <div class="social__item social__item_facebook"><a href="https://www.facebook.com/Quadcode-108315268769590" target="_blank"></a></div> <div class="social__item social__item_linkedin"><a href="https://www.linkedin.com/company/quadcode-saas/" target="_blank"></a></div> </div> </div> </div> <div class="footer__row footer__row_middle"> <div class="footer__text"> <p>All of the information on this website is protected by copyright and is legally owned by Quadcode as its intellectual property (hereinafter - Intellectual Property). You may not copy, link, publish, upload to external resources, transmit, distribute or reproduce by any means or in any form any portion of this website, including any text, images, audio and video materials or any other Intellectual Property without prior written consent of Quadcode.</p> <p>Certain names, logos and signs featured on this website are registered trademarks. Quadcode logo is a registered trademark in the European Union, Russian Federation, Hong Kong and many other countries. The fact that Quadcode has not included any product, feature, service name or logo to the list of its Intellectual Property does not waive any intellectual property rights that Quadcode or its affiliates, partners and (or) licensees have established in any such product, feature, service name or logo, all of which intellectual property rights are expressly reserved. Quadcode trademarks, service marks, trade names, corporate identity are important company's corporate assets and Quadcode requires that they be used properly. In order to preserve its reputation and protect its trademarks and other Intellectual Property, Quadcode diligently guards such objects against any violation.</p> </div> </div> <div class="footer__row footer__row_last"> <div class="footer__items"> <div class="footer__item"> <a href="/cookie-policy" class="footer__link">Cookies policy</a> </div> <div class="footer__item"> <a href="/privacy-policy" class="footer__link">Privacy policy</a> </div> <div class="footer__item"> <a href="/terms-and-conditions" class="footer__link">Terms & Conditions</a> </div> <div class="footer__item"> <a href="/vulnerability-disclosure-policy" class="footer__link">Vulnerability disclosure policy</a> </div> </div> <div class="footer__copyright">© Copyright Quadcode 2023</div> </div> </div> </footer>
<!-- END FOOTER -->
<!-- START _MENU-MOBILE -->
<div class="menu-mobile"> <div class="container"> <div class="menu-mobile__logo"> <div class="logo"></div> </div> </div> <div class="menu-mobile__close"> <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"> <rect x="0.928955" y="13.6569" width="18" height="2" transform="rotate(-45 0.928955 13.6569)" fill="#E62334"/> <rect x="13.657" y="15.0711" width="18" height="2" transform="rotate(-135 13.657 15.0711)" fill="#E62334"/> </svg> </div> <div class="menu-mobile__content"> <div class="menu-mobile__inner"> <div class="menu-mobile__col-first"> <div class="menu-mobile__title titleBase">Portfolio</div> <div class="menu-mobile__list"> <div class="menu-mobile__item"> <a href="/saas" class="menu-mobile__link defaultBase" data-url="saas">SaaS</a> </div> <div class="menu-mobile__item"> <a href="/under-construction" class="menu-mobile__link defaultBase">Brokerage</a> </div> <div class="menu-mobile__item"> <a href="/under-construction" class="menu-mobile__link defaultBase">Banking</a> </div> <div class="menu-mobile__item"> <a href="/under-construction" class="menu-mobile__link defaultBase">Exchange</a> </div> </div> </div> <div class="menu-mobile__col-last"> <div class="menu-mobile__title titleBase">Quadcode Group</div> <div class="menu-mobile__list"> <div class="menu-mobile__item"> <a href="/about" class="menu-mobile__link defaultBase menu-mobile__link_active" data-url="about">About Group</a> </div> <div class="menu-mobile__item"> <a href="/news" class="menu-mobile__link defaultBase" data-url="news">News</a> </div> <div class="menu-mobile__item"> <a href="/management" class="menu-mobile__link defaultBase" data-url="management">Management</a> </div> <div class="menu-mobile__item"> <a href="https://jobs.quadcode.com/" target="_blank" class="menu-mobile__link defaultBase">Careers</a> </div> <div class="menu-mobile__item"> <a href="/numbers" class="menu-mobile__link defaultBase" data-url="numbers">Numbers</a> </div> <div class="menu-mobile__item"> <a href="/sustainability" class="menu-mobile__link defaultBase" data-url="sustainability">Sustainability</a> </div> </div> </div> </div> </div> </div>
<!-- END _MENU-MOBILE -->
<!-- START _POPUP-COOKIE -->
<div class="popup-cookie"> <div class="popup-cookie__close"> <svg width="16" height="16" viewBox="0 0 16 16" fill="none" xmlns="http://www.w3.org/2000/svg"> <rect width="21.2132" height="1.41421" transform="matrix(0.707106 -0.707107 0.707106 0.707107 0 15)" fill="#141414"/> <rect width="21.2132" height="1.41421" transform="matrix(-0.707106 -0.707107 0.707106 -0.707107 15 16)" fill="#141414"/> </svg> </div> <div class="popup-cookie__content"> <div class="popup-cookie__title titleBase">We use cookies</div> <div class="popup-cookie__text defaultSmall">We use cookies to understand how you use our site and to improve your experience. By clicking “Accept” or by continuing to use our website you agree to their use.</div> <div class="popup-cookie__row"> <div class="popup-cookie__btn btn CTABase">Accept</div> <a href="/cookie-policy" class="popup-cookie__manage CTABase">About cookies</a> </div> </div> </div>
<!-- END _POPUP-COOKIE -->
</div>
</body>
</html>