Vulnerability Disclosure Policy

Vulnerability Disclosure Policy

Last updated: July 2026
 

PowerOptimal takes the security of its websites, applications, and cloud services seriously. If you believe you have identified a security vulnerability affecting poweroptimal.com, elonsmartwater.com, or any related PowerOptimal web, app, or cloud service, please use the vulnerability report form below.

Please include:

  • a description of the issue;
  • the affected URL, page, system, product, or service;
  • steps to reproduce the issue;
  • the potential impact; and
  • your contact details so that we can follow up with you.

When reporting a vulnerability, you must:

  • act lawfully and in good faith;
  • avoid any privacy violation, service disruption, destruction of data, or interruption of our systems;
  • not access, modify, download, copy, or delete data unless strictly necessary to demonstrate the issue;
  • not use social engineering, phishing, spam, brute force, malware, denial-of-service techniques, or physical attacks; and
  • stop testing and notify us immediately if you encounter personal information or confidential information.

What we will do:

  • acknowledge receipt of your report as soon as reasonably practicable;
  • review and investigate the report;
  • work to validate and address confirmed vulnerabilities as soon as reasonably practicable; and
  • handle any security compromise involving personal information in accordance with applicable South African law.

This policy does not grant permission to act in any manner that is unlawful or prohibited by the Cybercrimes Act, 2020, the Protection of Personal Information Act, 2013, or any other applicable law. Please do not publicly disclose the vulnerability until we have had a reasonable opportunity to investigate and address it.

PowerOptimal may update this policy from time to time.

    Please do not include passwords, access credentials, or unnecessary personal information in your report.

    Pin It on Pinterest