Responsible Disclosure Policy

Data security is a top priority for Cartful Solutions, and we believe that collaboration with skilled security researchers can identify and address vulnerabilities in any technology.

If you believe you've found a security vulnerability in Cartful Solutions' services, please notify us. We are committed to working with you to resolve the issue promptly.

Disclosure Policy

• If you believe you've discovered a potential vulnerability, please notify us by emailing security@cartfulsolutions.com. We will acknowledge your email promptly.
• Allow us a reasonable amount of time to resolve the issue before disclosing it to the public or a third party.
• Make a good faith effort to avoid violating privacy, destroying data, or interrupting or degrading Cartful Solutions' service. Please only interact with accounts you own or those for which you have explicit permission from the account holder.

Exclusions

While researching, please avoid:

• Distributed Denial of Service (DDoS)
• Spamming
• Social engineering or phishing of Cartful Solutions employees or contractors
• Any attacks against Cartful Solutions' physical property or data centers

Thank you for helping keep Cartful Solutions and our users safe!

Changes

We may revise these guidelines periodically, and the most current version will always be available at this page. We encourage researchers to review the policy regularly to stay informed of any updates.

Compliance and Consequences

All individuals engaging with this policy are expected to comply with its terms. Violations may result in consequences proportional to the breach. Cartful Solutions management will assess the situation and take appropriate action as necessary.

Responsibility

It is the responsibility of the Cartful Solutions Information Security (InfoSec) team to ensure that this policy is upheld and enforced, in line with our commitment to maintaining a secure environment for all users.

Questions or feedback? Email us at security@cartfulsolutions.com.