GoKart

Main Menu
Get Started
Get Started
Flyout Menu

GoKart Security Disclosure Policy

Last Updated: Dec 3, 2025

GoKart, a service operated by Zariz Technologies, Inc. (“we”, “us”, or “our”), is committed to maintaining the security and integrity of our platform, protecting customer data, and working responsibly with the security community. This Security Disclosure Policy outlines how researchers, customers, partners, and the general public can report potential security vulnerabilities.

We take all reported issues seriously and appreciate the efforts of those who responsibly disclose them.

 

1. Purpose

This Security Disclosure Policy provides a clear path for responsible reporting of security issues. It is intended for researchers, partners, customers, and anyone who discovers a vulnerability in our systems.

We do not offer a public bug bounty program, but we welcome good-faith reports.

2. Scope

This policy applies to:

  • GoKart offer-wall and API services

  • GoKart admin portal

  • GoKart marketing website

  • Any systems operated directly by Zariz Technologies, Inc.

Out of scope:

  • Social engineering attacks

  • Third-party platforms not owned/controlled by GoKart

  • Physical security attacks

  • Denial-of-service, resource exhaustion, or automated scanning that impacts service stability

If you are unsure whether something is in scope, you may still report it and we will confirm.

3. Reporting a Vulnerability

Send all vulnerability reports to:

security@getgokart.ai

Please include, if possible:

  • Description of the issue

  • Steps to reproduce

  • Affected endpoint, host, or service

  • Any proof-of-concept or technical details

  • Your contact information (optional)

We encourage, but do not require, responsible disclosure anonymity.

4. Our Commitment

When you report a vulnerability to GoKart:

  • We will acknowledge your report within 7 business days.

  • We will investigate the issue and treat it with urgency based on severity.

  • We will work to remediate confirmed vulnerabilities in a timely manner.

  • We will not pursue legal action against researchers acting in good faith and within this policy.

5. Good Faith Expectations

To protect our systems and customers:

Please do:

  • Give us a reasonable amount of time to resolve the issue

  • Avoid accessing or modifying customer data

  • Avoid service disruption or degradation

  • Only use the minimum testing required to prove the vulnerability

Please do not:

  • Perform automated or high-volume scanning that could impact availability

  • Attempt phishing, social engineering, or physical attacks

  • Publicly disclose the vulnerability before coordinating with us

6. Safe Harbor Statement

GoKart supports responsible security research.

If you follow this policy and act in good faith:

  • Your activities will not be considered unauthorized access

  • Your testing will not result in legal action by Zariz Technologies, Inc.

  • We consider this policy as providing “safe harbor” under applicable laws

This safe harbor does not extend to violations of laws or systems outside our control.

7. Contact

For security reporting or inquiries:

security@getgokart.ai