Carts City Accessibility Policy
Carts City is committed to making our website accessible for all customers, including those with disabilities.
Consistent with this goal, we have taken a number of steps to enhance our site and increase its usability by those who access the web using assistive technology. Our efforts are guided by the Web Content Accessibility Guidelines, version 2.0, Level AA (WCAG 2.0 AA). We will continue to enhance our digital properties to deliver accessible experiences.
If you experience difficulty accessing our website content, reach out to our Customer Care associates at firstname.lastname@example.org for assistance and to provide feedback.
Carts City cares deeply about maintaining the trust and confidence that our customers place in us. The security of our online platforms is of paramount importance. If you are a security researcher and have discovered a security vulnerability in one of our services or sites, we encourage you to disclose it to us in a responsible manner. Carts City will engage with security researchers when vulnerabilities are reported to us in accordance with this Responsible Disclosure Policy. We will validate and fix vulnerabilities in accordance with our commitment to security and privacy. We will not take legal action against, or suspend or terminate the accounts of, researchers who discover and report security vulnerabilities in accordance with this Responsible Disclosure Policy. Carts City reserves all legal rights in the event of any non-compliance.
We encourage security researchers to share the details of any suspected vulnerabilities with the Carts City Information Security Team by submitting the form at the bottom of this page. Carts City will review the submission to determine if the finding is valid and has not been previously reported. At Carts City’s discretion, you may be eligible for monetary compensation for your efforts. Employees of Carts City or Carts City subsidiaries, vendors currently working with Carts City or Carts City subsidiaries, or residents of countries on the U.S. sanctions list are not eligible for monetary compensation. In case you belong to any of the listed categories, you must specify that in your report. We require security researchers to include detailed information with steps for us to reproduce the vulnerability.
If you identify a valid security vulnerability in compliance with this Responsible Disclosure Policy, Carts City commits to:
- Working with you to understand and validate the issue
- Addressing the risk (if deemed appropriate by Carts City)
- Public disclosure of the submission details of any identified or alleged vulnerability without express written consent from Carts City will deem the submission as noncompliant with this Responsible Disclosure Policy.
In addition, to remain compliant you are prohibited from:
- Accessing, downloading, or modifying data residing in an account that does not belong to you
- Executing or attempting to execute any “Denial of Service” attack
- Posting, transmitting, uploading, linking to, sending, or storing any malicious software
- Testing in a manner that would result in the sending unsolicited or unauthorized junk mail, spam, pyramid schemes, or other forms of unsolicited messages
- Testing in a manner that would degrade the operation of any Carts City systems
- Testing third-party applications, websites, or services that integrate with or link to Carts City systems