BUY NOW, PAY LATER WITH KLARNA. CLICK TO LEARN MORE

Tivoli Audio Security Vulnerability Reporting

Your security is a top priority.

Vulnerability Disclosure Policy 

At Tivoli Audio, security is, and always will be, top priority. We have established a security vulnerability reporting program for researchers and members of the public to report any security concerns to Tivoli Audio so they may be investigated and addressed in a timely and effective manner. This policy is based on and references techniques used in ISO/IEC 29147.

 

Scope

This policy applies to: 

  • All official Tivoli Audio websites and subdomain: tivoliaudio.com, tivoliaudio.eu, tivoliaudio.jp, tivoliaudio.au, and other regional variations. 
  • Tivoli Audio mobile applications (iOS and Android) 
  • Tivoli Audio hardware and embedded software, including connected and Bluetooth-enabled devices 


This policy does not cover: 

  • Third-party platforms or services not managed by Tivoli Audio 
  • Physical or social engineering attacks, spam, denial-of-service (DoS) or resource exhaustion attacks

 

Security Support Period 

Tivoli Audio is committed to the safety and longevity of our products. We will provide security updates for all Tivoli Audio hardware and embedded software for a minimum of two (2) years from the date the product is last sold by Tivoli Audio or its authorized resellers. 


  • Should we extend the period of support for any product, we will publish this updated support period as soon as practicable. This information is: 
  • Publicly accessible without request. 
  • Available free of charge
  • In English 
  • Accessible without the need to provide personal information. 
  • Written clearly for readers without technical expertise. 



Guidelines for Reports

If you believe you have detected a vulnerability or risk to a Tivoli Audio product, service, or platform, please contact us at security@tivoliaudio.com

 

To help us investigate, please include as much detail as possible, including: 

  • A clear description of the vulnerability 
  • Affected products, platforms, or services. 

 

What You Can Expect From Us 

When you submit a valid vulnerability report, you can expect the following: 

  • Acknowledgement of your report within 5 business days 
  • Ongoing updates on our investigation status 
  • Coordination on disclosure timelines (we aim to resolve verified vulnerabilities within 90 days) 
  • Notification when the issue has been resolved 

 

Acknowledgments 

We deeply appreciate responsible disclosures and may, with your consent, publicly acknowledge your contribution on our website or in a security advisory. While we do not currently operate a bug bounty program, we are open to highlighting the efforts of those who help improve the safety and security of our systems. 

 

Legal Issues & Protections 

Tivoli Audio will not pursue legal action against researchers and members of the public who: 

  • Act in good faith and comply with this policy 
  • Avoid accessing, modifying, or deleting data 
  • Avoid service disruptions 
  • Provide us a reasonable opportunity to investigate and address the issue before making it public 

We consider your activities authorized under applicable laws, and we support safe and responsible research that helps strengthen our systems. 

Translation missing: en.layout.drawers.close

This website is using cookies

We use them to give you the best experience. If you continue using our website, we'll assume that you are happy to receive all cookies on this website.

Age verification

By clicking enter you are verifying that you are old enough to consume alcohol.

Search

In Your Cart

Your cart is currently empty.

Continue shopping