Legal
Security Vulnerability Disclosure Policy
Effective date: April 23, 2026 · Version 0.1
tako.tax welcomes responsible reports of suspected security vulnerabilities affecting tako.tax or related tako.tax systems.
1. Reporting
Please report suspected vulnerabilities to [email protected] with enough detail to help us reproduce and understand the issue.
2. Good-faith expectations
Please act in good faith, avoid privacy violations, avoid destructive testing, and do not access or attempt to access data that does not belong to you.
3. Response
tako.tax will make reasonable efforts to:
- Acknowledge receipt of reports
- Investigate credible reports
- Prioritize remediation based on severity and risk
4. Scope
This Policy applies to security issues involving tako.tax systems and services. It does not authorize testing that is unlawful, harmful, or disruptive.
5. No bounty commitment
Unless tako.tax announces otherwise, submission of a report does not create an entitlement to payment or reward.
6. Contact
Security reports should be sent to [email protected].