Security Policy
1. Introduction
There is no such thing as ‘perfect security’. We have to create a balance between increased levels of security and making transacting with us convenient to you.
2. Our security responsibilities
We will ensure that:
- We host our website in a secure server environment that uses a firewall and other advanced security measures to prevent interference or access from outside intruders. This includes an advanced web application firewall to monitor, actively prevent, and block all known hacking attempts.
- The information you give to us that is stored on or passes through our systems is protected. We use encryption to protect the personal information you give us where it is appropriate using an SSL 128bit security certificate.
- The links from our systems to systems under the control of third parties (for example our payment gateway) are secure.
- We perform regular backups of data to ensure it can be recovered in the case of a disaster.
- We log all access to our system. If any unauthorised behaviour should occur, this will assist us in identifying and resolving the issue.
- We update our website regularly to align with secure industry standards and to ensure any security vulnerabilities are addressed as soon as we detect them.
- We take reasonable steps to secure your payment information and use a payment system that is sufficiently secure with reference to accepted technological standards at the time of the transaction and the type of the transaction concerned. We do not store your payment information.
3. Our security disclaimers
Please note the following:
- The third parties whose systems we link to are responsible for the security of information while it is collected by, stored on, or passing through the systems under their control.
- We will use all reasonable endeavours to ensure that our website and your information is not compromised. However, we cannot guarantee that no harmful code will enter our website (for example viruses, bugs, Trojan horses, spyware, or adware). You should be aware of the risks associated with using websites (addressed below).
- If you experience a problem or loss that is caused by: (i) information you provided to us; (ii) your computer being compromised in some way; (iii) or by something beyond our control.
We cannot take responsibility for causing the problem. We will, however, do our best to help you if we can.
4. Your security responsibilities
4.1 Recommended steps. You should:
- Install and activate appropriate security software on your computer. This should include anti-virus, anti-spyware, and anti-spam software.
- Run regular scans of your computer for viruses.
- Update your security software to ensure you are always running the current version.
4.2 Additional steps. Other steps you should take to help protect your computer include:
- Check your Internet browser’s security settings for ways to make your browsing more secure.
- Make sure that you have entered secure pages when filling in your sensitive personal information. Look for a small lock commonly seen on the left of the address bar and http changes to https on the address bar.
- Log out after you have transacted electronically.
5. Protecting your password
You should:
- never share your password with anyone;
- never send your password via email; and
- abide by our strong password policy and ensure your password is at least 12 characters long and including a combination of uppercase letters, lowercase letters, numbers, and special characters.
6. Payment information
6.1 Safe and secure
Transacting with us electronically (including transacting and using your credit or debit card, instant EFT, or SnapScan QR code on our website) is safe and secure. It is much the same as transacting in person face-to-face.
6.2 Payment processing
We do not get involved in any credit card transactions directly. All credit card transactions are handled or acquired for us via our bankers’ (First National Bank) approved payment gateway, Payfast. No credit or debit card details are stored on our website. Payfast uses the strictest form of encryption, namely Extended Validation SSL with 2048-bit encryption. You may go to https://payfast.io/security-fraud/ to view their security certificate and more information.
6.3 Secure URL
Once you begin the checkout process you should notice that the site URL includes “https” and the URL includes a small padlock. This is indicative of a secure Internet transaction.
7. Phishing
7.1 Secure URL
You must only log in to your account from a page that begins with https://chalkandjagger.com or https://chalkandjagger.co.za.
7.2 No confirmation through links
We will never ask you to confirm your username and password or other sensitive information by clicking on any links in an email other than the email link we send you at registration to verify your email address. Be aware of “phishing” attacks where criminals attempt to obtain your sensitive information by sending you an email, masquerading as an email from us, asking you to access your account or verify information via links in the email, or diverting you to a fake www.chalkandjagger.com website. Please report any suspected phishing attacks to us immediately to prevent any harm to you or other users.
8. Contact Us
Please report any suspicious or unauthorised activity relating to your use of our website to us directly, because it will help make our website as secure as we can.
9. Our right to take action
We reserve the right to take whatever action we may deem necessary at any time to preserve the security and reliable operation of our system. You undertake not do (or permit anything to be done) that may compromise the system under our control.
Security Policy © Copyright 2002-2023 Michalsons (www.michalsons.com). All rights reserved