NAM Privacy Center

The European Union’s General Data Protection Regulation (GDPR) goes into effect on May 25, 2018. GDPR modernizes protections for personal data in response to an evolving technology landscape, increased globalization, and complex international data flows. GDPR privacy rights provide all EU citizens with increased control over their personal information, while holding the companies they interact with accountable for transparency, fairness, and accuracy in how they collect, store, use, and protect personal data.

You are the owner of your personal data. At Dynatrace, we take our responsibility in safeguarding your data seriously. Have a look at the resources below to understand what your organization can do to maximize the data protections provided by Dynatrace.

For full detail on Dynatrace security policies and data-privacy settings you can configure in other Dynatrace products, see the Dynatrace Trust Center.

Have a security question?

If you have a question about NAM security, please contact us.

Vulnerability Reporting

If you believe you've identified a security problem in a NAM product or service, please contact our Security team.

We take our customers' security very seriously and investigate all vulnerabilities that are reported to us. This page summarizes how we address potential vulnerabilities reported to NAM.

Report a vulnerability

If you have security concerns or suspect a vulnerability in a NAM product or service, we encourage you to report the vulnerability to us immediately. To help us quickly respond to any suspected vulnerability, please provide all information (for example, proof-of-concept exploit code, tool output, affected product or component, and version number) that will help us reproduce and evaluate the severity of the problem. All information you provide to NAM will be kept confidential.

We'll respond to you, acknowledge receipt of your vulnerability report, and outline the next steps.

Evaluate & respond

When we receive a vulnerability report, we thoroughly investigate the severity of the security problem and share the results with you, along with any remediation effort and plans for public disclosure. During this process, we keep you regularly informed of our progress.

We treat all reported vulnerabilities seriously. We ask for your understanding that remediation of valid security problems takes time. The amount of time varies based on the complexity and severity of each vulnerability.

We respectfully ask you not to publish any information about reported vulnerabilities before we've analyzed then, addressed them, and informed our customers (if required), as doing otherwise could put our customers at risk. Please don't share or publish any data that belong to our customers.

Disclosure of vulnerabilities

If we do confirm a reported vulnerability, following our remediation efforts, we will perform a coordinated public disclosure of the issue together with you.