LAYMAN'S TERMS: Your safe utilization of our website is of upmost importance. Your personal information is only used to process your transaction or to interact with the website. We do not save your payment information and use third-parties to assist us to complete your order. If you have any questions or concerns, please contact us immediately.
I. PURPOSE
The purpose of this policy is to establish standards for the safety and security of information exchanges and transactions on our ecommerce shop, to protect our customers' data privacy and ensure a secure online shopping environment.
II. SCOPE
This policy applies to all the customers, employees and third-party agents who access our ecommerce platform.
III. POLICY
1. ACCOUNT SECURITY: Customers will be required to create unique usernames and strong passwords for their accounts. Password strength will be enforced with requirements for including numbers, special characters and mix of capitalization.
2. ENCRYPTION: All transactions and data transmissions on our website will be carried out over secure, encrypted connections (SSL).
3. FIREWALLS: Our ecommerce platform will be protected by a network firewall system, creating a barrier between our trusted internal network and untrusted external networks.
4. PAYMENT SECURITY: Credit/debit card and other payment processing data will be handled by a PCI DSS (Payment Card Industry Data Security Standard) compliant third-party service. We do not store customers' credit card details.
5. DATA SECURITY: We will protect your personal data using appropriate security measures, including encryption and secure servers.
6. MALWARE PROTECTION: Anti-malware solutions will be deployed to detect and remove harmful software risks.
7. THIRD-PARTY ACCESS: Access to customer information by third-party suppliers will be strictly controlled and monitored.
8. PHYSICAL SECURITY: Any physical server access points will be securely maintained, with clear logging and authorization requirements.
9. INCIDENT RESPONSE: In case of a security breach, we have an Incident Response Plan to quickly mitigate the risk and communicate transparently about the incident.
10. REVIEW: This policy will be reviewed regularly and updated as necessitated by changes in security technologies or ecommerce practices.
IV. USER RESPONSIBILITY
Users are responsible for maintaining the security of their accounts, including keeping login credentials confidential and reporting any suspected account misuse to the ecommerce shop's support team.
V. POLICY VIOLATIONS
Any violations of this policy may result in restrictions on the violator's access or other penalties, depending on the nature and severity of the violation.
VI. CONTACT
If users have questions regarding this policy, they should contact the ecommerce shop's customer service for clarification.