Responsible Disclosure Policy
At Artmedia Digital, we take the security of our websites, systems, and client data seriously. We welcome the responsible reporting of any vulnerabilities that may impact our infrastructure.
Reporting Guidelines
If you discover a security issue, please:
- Report it via email to: [email protected]
- Include clear details: affected URLs, steps to reproduce, and your findings.
- Allow us reasonable time to investigate and resolve the issue before any public disclosure.
- Avoid actions that could harm user data, degrade service, or access private information (e.g., no DDoS, brute force, or social engineering).
Our Commitment
If you report a valid vulnerability:
- We will acknowledge your report within 5 business days.
- We will work to investigate and resolve the issue promptly.
- We will credit you publicly (if you wish) after the issue is fixed.
- We currently do not offer monetary bug bounties, but we value and appreciate all responsible reports.
Scope
We are primarily focused on issues affecting:
- artmedia.digital, artmedia.design, artmedia.cloud and its subdomains.
- User-facing features, forms, authentication flows, and backend logic.
Exclusions
The following types of findings are not considered in-scope:
- SPF, DMARC, or DNS misconfigurations without direct exploitability.
- Clickjacking on pages without sensitive data.
- Social engineering or phishing simulations.
- Denial-of-service attacks.
Legal
We will not take legal action against researchers who follow this policy in good faith. Your testing must not violate any applicable laws or compromise other users' privacy or data.
Thank you for helping us keep Artmedia Digital secure,
— Artmedia Digital Security Team.
Last Updated June 10, 2025