Go to the main content Arrow right icon

Responsible disclosure policy

ArtEZ University of the Arts handles its data carefully, making security a priority. Despite efforts to secure our systems, vulnerabilities may still arise. If you discover such a vulnerability, we encourage you to collaborate with us to resolve it promptly.

To prevent misuse of the data breach, we ask you to adhere to these guidelines:

  1. Report the issue by emailing ict@artez.nl;
  2. Refrain from actively exploiting the security flaw;
  3. Do not share information about the leak until the issue is resolved and delete any data obtained through the leak;
  4.  Do not use any physical security attacks, social engineering, distributed denial of service, spam or third-party applications;
  5. Provide sufficient information for us to reproduce and resolve the issue quickly.

If you follow these guidelines, we commit to:

  1. Contact you within five business days to let you know how long the repair is expected to take;
  2. Not take any legal action against you regarding this disclosure;
  3. Treat your report confidentially and not share your personal data with third parties without your consent unless legally obligated. Reporting under pseudonym or anonymously is possible;
  4. Keep you informed about the progress of the issue's resolution;
  5. If desired, credit you as the discoverer of the issue in any communications about it.

We aim to resolve identified security flaws promptly. Should you wish to publish any information about the detected problem after it has been solved, we would like to be involved in this publication.