We are proud to be certified as a Great Place to Work Read more

Security & Responsible Disclosure


Security and privacy of our users is very important for us. We take utmost care to ensure that our systems are protected and our developers strive to write secure code. We understand that there is no silver bullet when it comes to security and there are times when security bugs sneak through despite our best efforts. We ensure that all security issues reported are reviewed and resolved promptly

Reporting a security issue

We would like to foster a culture of collaboration to achieve better security and make the internet a better place. If you believe that you have found a security issue that can adversely impact Zeta, please do contact our security team at security@zeta.in and send your submissions as an encrypted email using this PGP Key. A member of our security team will reach out to you and will work with you to validate, qualify and resolve the issue.

Our expectations from you:

Our promise to you:

Responsible Disclosure

We at Zeta believe that with great knowledge comes great responsibility. We expect that you will give us reasonable lead time to respond to your report before making any information public and that you will make a good faith effort to avoid privacy violations, destruction of data and interruption or degradation of our services during your research. We will reciprocate the gesture by working with you to mitigate the issue to the satisfaction of both parties.

We would prefer that interested researchers coordinate their efforts with our security team, so that we can avoid any untoward incidents that could affect confidentiality, integrity or availability of Zeta’s systems.


Zeta Websites

Below domains are not in scope

Mobile Apps

Excluded Bug Submission

Following bug submissions are excluded because they are malicious and/or because they have low security impact to the program owner. This section contains issues that are not accepted under this program, will be immediately marked as invalid.

The following findings are specifically excluded and will be considered invalid:

Out of Scope bugs for Android apps:

Out of Scope bugs for iOS apps

**Appendix: We classify malicious activities as follows

Note: All attempts to cause harm to Zeta’s systems and data and that do not follow responsible disclosure will be pursued legally to the full extent permitted by law.