• Continuous improvement of internal processes as a suitable means, both to offer products and services that meet the needs of each customer and other interested parties, and to ensure proper Quality management and business continuity.
• To offer a service in accordance with the Service Level Agreement (SLA) established with its customers, ensuring the confidentiality, integrity and availability of the information it manages, taking into account the needs of stakeholders in terms of business continuity, in compliance with all legal, contractual and regulatory requirements.
• To ensure the continuity of critical business processes by implementing "best practices" to protect human resources and company assets.
• Constantly train all its personnel to achieve excellence in service, with special emphasis on training in information security and business continuity.
• To promote leadership and teamwork at all levels of the Company, ensuring a fluid and reciprocal communication among all personnel of the Organization.
• To manage the performance of its collaborators and provide continuous feedback, promoting the achievement of objectives and individual and team development.
• To raise awareness among internal and external suppliers, so that they join in a sustained effort aimed at the continuous improvement of the service provided.
• To test the continuity plans and inform our clients and other stakeholders about the results of business continuity management, thus ensuring the normal development of the processes that make up the service in the event of contingent actions.
• To contribute to the sustainable development of society and the environment through the implementation of ethical and responsible practices in all areas of business activity, seeking a balance between economic, social and environmental interests.
• To promote responsible and healthy gambling among customers, complying with current regulations and good practices in the sector.

All B-GAMING staff is an important protagonist of the service it develops and provides to its customers; the success of this permanent challenge requires the commitment of each of its collaborators.

Responsible Disclosure Policy

Introduction

B-GAMING S.A. (hereinafter “B-GAMING”) is committed to the importance of adequately protecting the information entrusted to us by our customers, users and collaborators (employees and suppliers), against different types of threats, in order to safeguard its confidentiality, integrity and availability.

With this purpose, this Responsible Disclosure Policy is defined in order to outline the procedure to follow in the event that any third party, whether belonging or not to B-GAMING, detects any security vulnerability in our systems, in our sites and/or in any asset belonging to us (hereinafter “THIRD PARTIES”).

1. Definitions

Computer Security Incident Response Team (CSIRT): Team integrated by multidisciplinary specialists, trained to prevent, detect, manage and respond to computer incidents quickly and effectively.

Vulnerability: Weakness of an asset, system or control that can be exploited by one or more computer threats.

Incident: unexpected or undesired event with detrimental consequences for the security of networks, equipment and information systems.

Third Parties: any person, human or legal, whether or not belonging to B-GAMING, who detects any security vulnerability in our systems, in our sites and/or in any asset belonging to us.

2. Content directed to Third Parties

In the event that you have had an Incident and/or consider that you have discovered a Vulnerability in our sites or in our systems, we ask you to follow the steps detailed below, which are part of our Responsible Disclosure Policy:

1. Send us an email to csirt@boldt.com.ar
2. Put “Responsible Disclosure” in the subject line.
3. In the body of the email, detail the nature of the error, Incident or finding, identifying the steps required to replicate it, the applications, programs or tools you used to detect the Vulnerability and the date and time you performed the tests. If you consider it appropriate, attach images or videos of what was detected.
4. Please include your personal information so we can contact you.

We commit ourselves to:

• Send you an acknowledgement of receipt of your report.
• Inform you of the progress of your report, and
• Notify you in a reasonable time when it is solved.

We remind you that it is forbidden:

• That you access our information.
• To expose the privacy of other persons (natural or legal), for example, by unauthorized access to or destruction of data, or interruption / degradation of our services.
• That you access or modify data without our express consent.
• That you take advantage of the security problem by attempting to demonstrate additional risks in order to uncover further problems.

Additionally, we note that the following actions are not within the scope of our responsible disclosure policy as they may adversely affect the delivery of B-GAMING services.

• Spam or social engineering techniques.
• Denial of service attacks.
• Code or content injection.
• Brute force attacks.
• Manual or automated vulnerability scans.
• Deliberately posting, updating, linking, sending or storing malware, viruses or similar software.

The THIRD PARTIES shall be unlimitedly liable for any damages that may be caused to B-GAMING S.A., customers, users, collaborators (employees and suppliers), licensees or third parties due to the use of any data and/or information and/or documentation that may have been obtained as a result of the detected Vulnerability.

B-GAMING does not financially reward individuals or organizations for identifying potential or confirmed Vulnerabilities. Requests for monetary remuneration will be considered a violation of this Responsible Disclosure Policy.

At B-GAMING we have a strong commitment to the security and integrity of our systems, and we welcome your Responsible Disclosure contributions in advance.