Legal
Security Vulnerability Disclosure Policy
Effective date: April 23, 2026 · Version 0.1
TakoTax welcomes responsible reports of suspected security vulnerabilities affecting TakoTax or related TakoTax systems.
1. Reporting
Please report suspected vulnerabilities to [email protected] with enough detail to help us reproduce and understand the issue.
2. Good-faith expectations
Please act in good faith, avoid privacy violations, avoid destructive testing, and do not access or attempt to access data that does not belong to you.
3. Response
TakoTax will make reasonable efforts to:
- Acknowledge receipt of reports
- Investigate credible reports
- Prioritize remediation based on severity and risk
4. Scope
This Policy applies to security issues involving TakoTax systems and services. It does not authorize testing that is unlawful, harmful, or disruptive.
5. No bounty commitment
Unless TakoTax announces otherwise, submission of a report does not create an entitlement to payment or reward.
6. Contact
Security reports should be sent to [email protected].