At Tacklit, we prioritise the security and protection of our products, services, customer data, and infrastructure. We acknowledge the importance of collaborating with external security researchers to identify and address security vulnerabilities.

If you believe you’ve discovered a security vulnerability in a Tacklit product, we welcome your responsible disclosure. Please submit a detailed description of the issue, including steps to reproduce it and/or a proof-of-concept (“Report”).

We request that reporters adhere to responsible disclosure principles, allowing Tacklit to assess, respond to, and mitigate any confirmed vulnerabilities before public or third-party disclosure.

Responsible Reporting and Disclosure

Tacklit supports responsible reporting and disclosure and requests the following from reporters:

• Do not compromise user privacy, destroy data, or disrupt services.
• Report vulnerabilities to us promptly with sufficient detail to reproduce the issue.
• Do not share the vulnerability information publicly.
• Avoid disrupting or degrading Tacklit’s products and services.
• Respect the privacy of Tacklit’s customers and data.
• Comply with all relevant laws.
• Prevent any adverse effects on user experience, production systems, and data integrity.
• Stop testing and notify us immediately upon confirming a vulnerability or encountering sensitive data.
• Do not execute or attempt to execute a denial-of-service attack.