Haier Responsible Disclosure Policy

Our vulnerability disclosure policy for connected products

Haier Europe is committed to deliver the best quality and reliability as well as to protect any information related to our customers when they’re using our products. Cyber threats are playing an increasing role in hindering the achievement of these objectives; for this reason, we have established the Haier Europe Product Security Incident Response Team (HE-PSIRT) to coordinate the resolution of any identified vulnerability.

If you believe to have found a security vulnerability with a Haier Europe product, please contact the HE-PSIRT in line with our responsible disclosure process.

Our Commitment

HE-PSIRT has put in place processes and measures with the main stakeholders (e.g., Research & Development teams, Legal department, third-parties and vendors) to timely manage vulnerabilities shared by any finder. You are encouraged to contact HE-PSIRT through the agreed channel and by providing the supporting information requested; we will respond you with the acknowledgement of the inquiry within 7 calendar days from the receipt of the vulnerability notification. If you’re willing to share with us your contacts, you’ll receive periodical updates on the status of the notified vulnerability and a final notifications of the closure of the vulnerability and your contribution will be acknowledged on our Credits page.

Haier Europe agrees not to pursue claims against finders that are related to responsible disclosures submitted to us providing that the reporting party will not publicly disclose vulnerability details before Haier Europe confirms completed remediation of the vulnerability.