Disclaimer

The terms of this disclaimer apply to the websites ne.nl and orders.ne.nl, as well as the applications rooster.ne.nl and app.ne.nl.

By visiting these websites or applications and/or using the information provided on or via these websites, you declare your agreement with the applicability of this disclaimer.

Use of the website

The information on this website is intended solely as general information. No rights can be derived from the information on this website. Although NE DistriService (hereinafter referred to as NE) exercises care in compiling and maintaining this website and uses sources that are considered reliable, NE cannot guarantee the accuracy, completeness, or timeliness of the information provided. Displayed dates and times are indicative and no rights can be derived from them. NE does not guarantee that the website will function without errors or interruptions. NE expressly disclaims any liability regarding the accuracy, completeness, and timeliness of the information provided, as well as the (uninterrupted) use of this website

Use of information 

NE reserves all intellectual property rights and other rights regarding all information offered on or via this website (including all texts, graphic material, and logos). It is not permitted to copy, download, publish, distribute, or reproduce the information on this website in any way without prior written consent from NE or proper permission from the rightful owner. However, you may print and/or download information from this website for your own personal use.

Changes 

NE reserves the right to modify the information offered on or via this website, including the text of this disclaimer, at any time without further notice. It is recommended to periodically check whether the information offered on or via this website, including the text of this disclaimer, has been changed.

Applicable law 

Dutch law applies to this website and the disclaimer. All disputes arising from or in connection with this disclaimer will be exclusively submitted to the competent court in the Netherlands.

Responsible disclosure 

In the unlikely event that a vulnerability exists in one of our systems, we ask you to report it as quickly as possible. This allows NE to take appropriate measures. This is known as responsible disclosure.

How to report a vulnerability in NE's ICT system 

If you discover a vulnerability in NE's ICT system, we request you to: 

• Report the vulnerability as soon as possible after its discovery.
• Email your findings to planning@ne.nl.
• Provide sufficient information to reproduce the problem so that we can resolve it as quickly as possible. Typically, the IP address or URL of the affected system and a description of the vulnerability are sufficient, but more information may be needed for complex security issues. 
• Leave your contact details so we can get in touch with you to work together towards a safe outcome. As a minimum, leave an email address or phone number.
• Do not share information about the security issue with others until it is resolved.
• Handle the knowledge of the security issue responsibly by not performing actions beyond what is necessary to disclose the issue. 
• Understand that any information obtained from NE's systems is subject to confidentiality and further disclosure of this information is punishable by law.

Do not abuse the discovery 

If you discover a vulnerability, do not abuse it by, for example: 

• Installing malware.
• Copying, modifying, or deleting data or configurations from a system (an alternative is to make a directory listing or screenshot).
• Making changes to the system.
• Repeatedly accessing the system or sharing access with others.
• Using brute force to gain access to systems.
• Conducting denial-of-service attacks or using social engineering.

What does NE do with a responsible disclosure report? 

If you report a vulnerability in our ICT system, we will handle it as follows:

• If your report meets the above conditions, we will not impose legal consequences.
• We will treat your report strictly confidentially and will not share your personal data with third parties without your permission unless required by law or a court order.
• NE will respond to your report within a few business days with an evaluation and an expected resolution date.
• NE will keep you informed of progress. We will resolve the security issue in the system identified by you within a maximum of 60 days. In mutual consultation, we will determine when and how to publish information about the issue.