Privacy, cybersecurity and transparency


At Dallmeier, topics such as privacy, cybersecurity and transparency have the highest priority.
That is why we enable our customers and partners, our employees and other “interested parties” to find all relevant information quickly and in a structured manner or to contact us directly. In doing so, we go far beyond what is legally required. 


Do you want to report a security incident?


Then your first point of contact for all incidents is the central reporting office, the “Security Incident Response Centre (SIRC)”.  

Please send your report via email to si@

The Dallmeier SIRC is the central reporting point for all incidents regarding potential vulnerabilities, threats or other security events. In case of product-related incidents, the SIRC also acts as the Product Incident Response Team (PSIRT). 

The SIRC is authorised to respond to all cybersecurity reports concerning products, solutions, services and services and to provide information and has the following tasks:

  • Control all investigations 
  • Communication with the incident notifier                   
  • Involving internal departments such as the Product Security Incident Response Team (PSIRT) or the Data Protection Officer
  • Disclosure of security incidents and, if necessary, the associated reporting obligations to external bodies (e.g. BSI, data protection)

A security notice is published for confirmed vulnerabilities as soon as a solution is available. If the situation requires it, a security advisory with measures to be taken will be issued before an update is available.

A collection of Dallmeier Security Advisories can be found here

How is the report submitted?


The Dallmeier SIRC processes every incident report together with the respective reporters in a trustworthy and professional manner. Neither a non-disclosure agreement (NDA) nor any other contract is necessary or a prerequisite for cooperation.

Please include as much information as possible in one single report to speed up processing. 

Send an email to our Security Incident Response Centre (ticket system) at si@ with the following information:

  • Who reports (contact details)?
  • Which IT system or product line is affected?
  • Version number?
  • How did you work with the system?
  • What did you observe?
  • Type of vulnerability?
  • When did the event occur?
  • Where is the affected IT system located?

Who can report an event?


Reports on potential vulnerabilities, threats or other events are expressly welcome from everyone – regardless of customer status. 

Many Dallmeier products fulfill important protective functions and are used in Critical Infrastructures. Dallmeier therefore asks for cooperation in the context of a coordinated disclosure of vulnerabilities and at the same time asks to refrain from premature publication of vulnerability information.

Dallmeier respects and takes into account the various interests of a reporter and encourages the reporting of information to the Dallmeier SIRC. We follow the process of a Coordinated Vulnerability Disclosure.

Additional resources

Would you like specific information on data protection, are you a whistleblower or are you looking for Security Advisories?

Then the following resources will help you:

Security Advisories

Further information

Video + Data Security

Video Extra

Best Practice Guide