Security

Kaizen Loyalty takes the security of our platform, our customers, and their data seriously. We welcome reports from security researchers who discover potential vulnerabilities and follow responsible disclosure practices.

This page describes what is in scope, how to report a vulnerability, and what you can expect from us in return.

Scope

This policy applies to:

  • kaizenloyalty.com and its subdomains
  • Kaizen Loyalty Platform, Kaizen AI, RevX, WhiteLabelX, and WhatsApp Promotion Solution products and applications
  • Any Kaizen-operated infrastructure supporting these products

How to Report

Email us at [email protected] with a description of the issue, the steps to reproduce it, the affected URL or component, and its potential impact. Proof-of-concept details are welcome; please avoid including sensitive customer data in your report.

Our Response Process

  • We acknowledge new reports as soon as reasonably possible
  • We investigate and validate the reported issue
  • We keep you informed of progress toward remediation
  • We notify you once the issue has been resolved

Safe Harbor

We will not pursue legal action against researchers who make a good-faith effort to comply with this policy. To qualify for safe harbor:

  • Only test against accounts and data you own or are explicitly authorized to use
  • Avoid privacy violations, data destruction, or service disruption
  • Do not access, modify, or exfiltrate data beyond what is necessary to demonstrate the vulnerability
  • Do not perform social engineering, phishing, or physical attacks against Kaizen staff or facilities
  • Give us a reasonable amount of time to investigate and remediate before any public disclosure

Out of Scope

The following are generally out of scope for this policy:

  • Denial-of-service (DoS/DDoS) testing
  • Spam or social engineering targeting Kaizen employees or customers
  • Physical security testing
  • Third-party services or integrations not operated by Kaizen

Contact

For security-related questions or to report a vulnerability:

[email protected]

For more on how Kaizen approaches security, privacy, and trust:

https://www.kaizenloyalty.com/trust-center