Privacy

Privacy Policy - Site provides a privacy policy or statement that explains use and retention of any Personally Identifiable Information (PII) collected. A Platform for Privacy Preferences (P3P) document is preferred.

Personally Identifiable Information (PII) - All collected PII is stored and transmitted via secure systems and networks using currently accepted standards. Any sharing of PII with third parties is disclosed within the privacy policy.

Security

Financial Information - Management of credit card information and other Government identifiers collected meet the requirements of the Payment Card Industry Data Security Standards (PCI DSS).

Network Security - All systems and networks storing PII are protected from unauthorized access. Any external connections to protected networks requires the use of secure connections with the end-points also secured.

Data Transmission - All transmission of PII across public networks is done using secure communications. This includes all information sent to third-parties for the processing of orders.

Monitoring

Security Monitoring - Proper monitoring systems and log storage are in place to assure that a system compromise can be detected and information can be provided to proper authorities.

Anti-Virus Software - Appropriate Anti-Virus/SpyWare software is installed on all servers that store or collect PII. The software is setup to scan at appropiate intervals and notify if there are issues.

Software Updates - Regular software maintenance has to be performed often to install all security related patches or upgrades available for systems that handle PII.

General

Domain Contact - Site contact information is available in the form of either a published site e-mail address or a customer contact form.

Applicable Laws - All applicable laws are followed, especially those related to the receipt and handling of PII. All laws with respect to unsolicited e-mail are also followed.