Synergist Technology

AFFIRM Login
Request a Demo

Vulnerability Disclosure Policy

Effective Date: July 2025

Introduction

Synergist Technology, LLC (“Synergist”) is committed to ensuring the security of our customers by protecting their information. This policy is intended to give security researchers clear guidelines for conducting vulnerability discovery activities and to convey our preferences in how to submit discovered vulnerabilities to us. This policy describes what systems and types of research are covered under this policy, how to send us vulnerability reports, and how long we ask security researchers to wait before publicly disclosing vulnerabilities. We encourage you to contact us to report potential vulnerabilities in our systems.

Authorization

If you make a good faith effort to comply with this policy during your security research, we will consider your research to be authorized. We will work with you to understand and resolve the issue quickly, and Synergist will not recommend or pursue legal action related to your research. Should legal action be initiated by a third party against you for activities conducted in accordance with this policy, we will make this authorization known.

Guidelines

Under this policy, “research” means activities in which you:
  • Notify us as soon as possible after discovering a real or potential security issue.
  • Make every effort to avoid privacy violations, degradation of user experience, disruption to production systems, and destruction or manipulation of data.
  • Only use exploits to the extent necessary to confirm a vulnerability’s presence. Do not use an exploit to compromise or exfiltrate data, establish persistent command-line access, or pivot to other systems.
  • Provide us a reasonable amount of time to resolve the issue before disclosing it publicly.
  • Do not submit a high volume of low-quality reports.
  • Once you’ve established that a vulnerability exists or encounter any sensitive data (including personally identifiable information, financial information, or proprietary information or trade secrets of any party), you must stop your test, notify us immediately, and not disclose this data to anyone else.

Test Methods

The following test methods are not authorized:
  • Network denial of service (DoS or DDoS) tests or other tests that impair access to or damage a system or data.
  • Physical testing (e.g., office access, open doors, tailgating), social engineering (e.g., phishing, vishing), or any other non-technical vulnerability testing.

Scope

This policy applies only to the following system owned and operated by Synergist: Synergist for Government (becompliant-gov.us) Any service not expressly listed above is outside the scope of this policy and is not authorized for testing. Vulnerabilities found in systems from our vendors or customers fall outside of this policy’s scope and should be reported directly to the relevant entity according to their disclosure policy (if any). If you are unsure whether a system is in scope, please contact us at highsideadmin@synergist.technology before beginning your research. Though we may develop and maintain other internet-accessible services, we request that active research and testing only be conducted on the system explicitly listed in this document. If there is a particular system you believe should be included in scope, please contact us to discuss it. This policy may evolve to reflect additional systems over time.

Reporting a Vulnerability

Information submitted under this policy will be used for defensive purposes only – to mitigate or remediate vulnerabilities. If your findings include newly discovered vulnerabilities that affect all users of a product or service and not solely Synergist, we may share your report with relevant authorities, such as the Cybersecurity and Infrastructure Security Agency (CISA), under their coordinated vulnerability disclosure process. We will not share your name or contact information without your express permission. We accept vulnerability reports via email at highsideadmin@synergist.technology. Reports may be submitted anonymously. If you share your contact information, we will acknowledge receipt of your report within 3 business days.

What We Would Like to See from You

To help us triage and prioritize submissions, we recommend that your reports:
  • Describe the location where the vulnerability was discovered and the potential impact of exploitation.
  • Offer a detailed description of the steps needed to reproduce the vulnerability (proof-of-concept scripts or screenshots are helpful).
  • Be written in English, if possible.

What You Can Expect from Us

When you choose to share your contact information with us, we commit to coordinating with you as openly and quickly as possible.
  • Within 3 business days, we will acknowledge that your report has been received.
  • To the best of our ability, we will confirm the existence of the vulnerability and be transparent about what steps we are taking during the remediation process, including any issues or delays.
  • We will maintain an open dialogue to discuss findings and collaborate on resolution where appropriate.

Questions

Questions or suggestions regarding this policy may be sent to: highsideadmin@synergist.technology

Contact Us Form Terms and Conditions

Effective Date: July 2025

Introduction

This agreement governs your use of the Contact Us form provided on the Synergist Technology, LLC website and any related services we offer.

Welcome to the official website of Synergist Technology, LLC (“Synergist,” “we,” “us,” or “our”). These Terms of Service (“Terms”) govern your access to and use of www.synergist.technology (the “Website”). By submitting this form, you agree to be bound by these Terms and Conditions.

Your Agreement to These Terms

By clicking “Submit” or taking any equivalent action, you acknowledge that you have read, understood, and agree to be bound by these Terms and Conditions.

Purpose of the Form

The Contact Us form is intended solely for the purpose of reaching out to Synergist Technology with inquiries, feedback, or to request information about our products, services, or partnerships.

Information You Provide

All information you submit through the form must be accurate, complete, and truthful. You are responsible for maintaining the confidentiality of any credentials or sensitive data you may provide or create in connection with this site, if applicable.

How We Use Your Information (Refer to Privacy Policy)

Personal information collected via the Contact Us form will be handled in accordance with our Privacy Policy

This policy outlines what information we collect, why we collect it, how it is used, and whether it is shared with third parties.

Your Responsibilities

You agree not to use the form or our website to submit content that is illegal, harmful, offensive, defamatory, or that violates the intellectual property or rights of others.

You are also responsible for complying with any additional rules or restrictions governing use of the site or form.

Limitation of Liability and Disclaimer

We assume no liability for any damages or losses resulting from your use of the form or website.

All information and functionality provided through this form is offered “as is”, without warranties of any kind, express or implied.

Governing Law and Dispute Resolution

These Terms are governed by the laws of the State of Florida, without regard to its conflict of laws rules. In the event of any dispute, controversy, or claim (“Dispute”) between you and Synergist (the “Parties” or individually a “Party”), including under or relating to these Terms, the Parties agree that the Dispute shall be exclusively governed and decided by binding confidential arbitration under the then-prevailing commercial arbitration rules of the American Arbitration Association (AAA).

Any arbitration will be held before a single neutral independent arbitrator appointed by the AAA, who is a retired judge and resides in Florida. The arbitrator shall have the sole authority to resolve all claims concerning the formation, legality, and enforceability of this arbitration clause, including its scope and arbitrability. The arbitrator shall not make any ruling or award that conflicts with the terms of these Terms.

The Parties agree that any arbitration shall be conducted in their individual capacities only and not as a class, collective, or representative action. The Parties expressly waive the right to participate in or file any such action.

All arbitration-related fees will be governed by the AAA’s rules. Each Party shall bear its own legal costs, except as otherwise provided under AAA rules or if the arbitrator finds a claim was brought in bad faith, for an improper purpose, or was frivolous.

The arbitrator shall issue a reasoned written decision and the award shall be final and binding. Venue for arbitration shall be Palm Beach County, Florida. Either Party may seek interim relief in a court of competent jurisdiction to maintain the status quo or prevent irreparable harm.

If any part of these Terms conflicts with the terms of this arbitration clause, the arbitration clause shall control.

EXCEPT FOR THE LIMITED EXPRESS PURPOSES DESCRIBED ABOVE, THE PARTIES WAIVE THE RIGHT TO TRIAL BY JURY AND TO BRING OR PARTICIPATE IN ANY CLASS ACTION OR REPRESENTATIVE CLAIM.

Severability

If any provision of these Terms is found to be invalid, unlawful, or unenforceable, the remaining provisions shall remain in full force and effect. Any unenforceable provision shall be modified to the minimum extent necessary to make it enforceable while preserving the original intent.

Changes to the Terms

We reserve the right to update or modify these Terms at any time. When changes are made, we will revise the “Effective Date” at the top of this page. Continued use of the Website and Contact Form following any updates constitutes your acceptance of the revised Terms.

Contact Us

If you have any questions or concerns about these Terms and Conditions, please contact us at:

Email: legal@synergist.technology
Address: 3651 FAU Blvd, Suite 400-DD2, Boca Raton, FL 33431