Reporting a Concern

AskBiz accepts reports in the following categories:

• Security vulnerabilities — technical weaknesses in the AskBiz platform that could expose user data or enable unauthorised access
• Suspected account compromise — if you believe your account or another user's account has been accessed without authorisation
• Phishing and impersonation — fake AskBiz emails, websites, or communications impersonating us
• Abusive use of the platform — if you have evidence that AskBiz is being used to facilitate fraud, money laundering, or other illegal activity
• Legal and compliance concerns — GDPR data subject requests, copyright concerns, court orders, regulatory enquiries
• AI-generated harm — if an AI response caused or could cause harm, or generated dangerous, false, or illegal content
• Accessibility issues — if the platform presents barriers to users with disabilities

AskBiz operates a responsible disclosure policy. If you discover a security vulnerability:

Do:

• Email security@askbiz.co with a clear description of the vulnerability
• Include steps to reproduce it, the potential impact, and any screenshots or proof-of-concept (without exploiting it)
• Allow us reasonable time to investigate and remediate before disclosing publicly
• We aim to acknowledge all security reports within 24 hours and provide an initial assessment within 5 business days

Do not:

• Attempt to access, modify, or delete data that is not yours
• Run automated scanning tools against our production systems without prior written permission
• Disclose the vulnerability publicly before we have had an opportunity to remediate it

Recognition: We acknowledge security researchers who report valid vulnerabilities responsibly. For critical vulnerabilities (CVSS score 9.0+), we offer a discretionary bounty. Contact security@askbiz.co for details.

Legal protection: AskBiz will not pursue legal action against researchers who follow this responsible disclosure policy in good faith.

AskBiz's Terms of Service prohibit using the platform to facilitate illegal activity, including fraud, tax evasion, money laundering, and deceptive trading practices. If you have evidence that AskBiz is being misused:

• Email legal@askbiz.co with as much detail as possible
• Include any evidence you have (screenshots, transaction references, etc.)
• Your report will be treated confidentially
• We will investigate and, where appropriate, suspend the account and report to relevant authorities

AskBiz cooperates fully with law enforcement requests made through proper legal channels (court orders, production orders, mutual legal assistance requests). We do not disclose user data without a valid legal order except in cases of immediate risk to life.

Data subject rights requests (GDPR/UK GDPR): Email privacy@askbiz.co with your full name, account email, and the specific right you wish to exercise (access, erasure, portability, rectification, restriction, or objection). We will respond within 30 days.

Law enforcement requests: Requests for user data from law enforcement must be made through proper legal channels and addressed to legal@askbiz.co. We require a valid court order, production order (UK), subpoena (US), or equivalent legal instrument before disclosing any user data. We notify affected users of data requests where legally permitted to do so.

Regulatory enquiries (ICO, FCA, FTC, etc.): Direct enquiries to legal@askbiz.co. We will respond promptly and cooperate fully with regulatory bodies that have jurisdiction.

Copyright / IP claims: If you believe AskBiz content infringes your intellectual property, send a DMCA takedown notice (US) or equivalent UK/EU notice to legal@askbiz.co including your contact details, the work claimed to be infringed, and the location of the infringing content.

If you are an AskBiz employee, contractor, or partner and have concerns about illegal conduct, regulatory breaches, data protection violations, or ethical issues within AskBiz:

• You can report concerns confidentially to legal@askbiz.co
• Under UK law (Public Interest Disclosure Act 1998, as strengthened by the Employment Rights Act), you are protected from retaliation for making a protected disclosure in good faith
• Under EU law (EU Whistleblower Directive 2019/1937), equivalent protections apply for concerns reported within scope
• Under US law, the Dodd-Frank Act and Sarbanes-Oxley Act provide whistleblower protections in relevant contexts

AskBiz does not tolerate retaliation against anyone who raises a genuine concern in good faith.

Security vulnerabilities:

• Acknowledgement: within 24 hours
• Initial assessment: within 5 business days
• Resolution target for critical issues: 14 days
• You will be kept updated throughout

Account compromise:

• Acknowledgement: within 2 business hours
• Active support to secure your account: same day

Legal and regulatory:

• Acknowledgement: within 2 business days
• Full response: within the timeframe required by applicable law (30 days for GDPR requests)

Abusive use reports:

• Acknowledgement: within 3 business days
• We cannot always share the outcome of investigations due to confidentiality, but we take all reports seriously