Australian Cybersecurity Act Statement of Compliance

CYBER SECURITY ACT 2024 - STATEMENT OF COMPLIANCE

This Statement is prepared by B&D Australia Pty Ltd and made in accordance with Part 2 of the Cyber Security Act 2024 (Act) and Rule 9 of the Cyber Security (Security Standards for Smart Devices) Rules (Rules).

Declaration

In accordance with the Rules, as the Manufacturer, B&D Australia Pty Ltd declares that:

1. the Products have been manufactured in accordance with the Security Standard; and
2. has complied with all other obligations relating to those Products under the Security Standard.

In particular:

1. Password Security

   Each Product is manufactured so that:

   1. any password used in relation to the Product's hardware or relevant software is unique to that individual Product; or
   2. the user is required to define the password before first use of the product.
2. Vulnerability Reporting and Handling

   Any user may report vulnerabilities relating to any Product to the Vulnerability Reporting Contact through emailing, [email protected].

   If a user reports a vulnerability, the B&D Australia Pty Ltd will:

   1. acknowledge receipt of the report and investigate the vulnerability;
   2. provide a status update to that user while the vulnerability is being investigated; and
   3. disclose and report vulnerabilities in accordance with the Rules and the Vulnerability Disclosure Process.
3. Security Updates and Defined Support Period

   B&D Australia Pty Ltd will provide security updates for each Product until the end of the Product Support Period as provided below.

Product Support and Security Update Periods