Security Policy

Security Policy

We take security very seriously, but have to strike a balance  between increased levels of security and making transacting  with us convenient to you. This is our plan of action for  safeguarding our website and your personal information from  harm, such as unauthorised access, destruction, or loss. It  describes our responsibilities, our disclaimers, your  responsibilities, and has special provisions dealing with  phishing. If you need a security policy for your website, don’t  copy this one, we can help you draft one tailored for you. 

Our responsibilities 

We will: 

  • host our website on a secure server that uses a firewall  and other security measures to prevent unauthorised  access; 
  • protect your information that we store in or passes  through our systems using encryption or other 

appropriate information security measures; 

  • ensure that links from our systems to systems that third  parties control are secure; 
  • backup all data on our systems so that we can recover it  in case of disaster; and 
  • log all access to our systems to better identify and  resolve unauthorised access issues. 

Our disclaimers 

Disclaimer. We will do our best to prevent our website and  your information from being compromised and will help you  resolve a security problem whenever we can. However, we  are not responsible for compromises caused by: 

  • harmful code – entering our website, such as viruses,  bugs, Trojan horses, spyware, or adware; 
  • your fault – problems or loss caused by your information  you provide to us (such as inaccurate personal  information) or your computer being compromised (such  as being accessed by an unauthorised person or  otherwise hacked); 
  • factors beyond human control – such as fires, floods, or  other natural disasters. 

Third party systems. Third parties are responsible for the  security of information collected by, stored on, or passing  through their systems, even if we link to those systems. 

Your responsibilities 

No compromise. You may not do (or let anyone else do)  anything that might compromise our system. 

Protect your credentials. If you created a username,  password, or other credentials when you registered on or  submitted information through our website for the first time,  then you should take the following steps to secure those 

credentials: 

  • never share them with anyone;
  • never send them via email; and
  • make any passwords as strong as possible.

Recommended steps. You should take the following steps to  secure your personal information: 

  • install security software on your device, including anti virus, anti-spyware, and anti-spam software; 
  • regularly scan your device for viruses and other  malicious software; and 
  • keep security software up-to-date to ensure you are  always running the latest version with the latest  definitions. 

Additional steps. You could take the following steps for your  own security: 

  • check your Internet browser’s security settings for ways  to make your browsing more secure; 
  • make sure that you have entered secure pages when  filling in your personal information; and 
  • log out after you have transacted electronically.

Phishing

Awareness. Be aware of ‘phishing’ attacks where criminals  attempt to get your personal information by sending you an  email, masquerading as an email from us, asking you to  access your account or verify information through links in the  email, or diverting you to a fake version of our website. 

Legitimate URL. You must only log into our website from a  legitimate URL associated with us that you know and trust,  such as one based on our name that we have communicated  to you in writing. Please be wary of phishing websites that use  illegitimate URLs designed to trick you into thinking they are  our website, such as by using common misspellings of our name, different domain suffixes, or other words associated  with our business. 

Confirmation through links. We will not generally ask you to  confirm your credentials or other personal information by  clicking on any links in an email other than in any email link we  send you after registration or the first time you submit  information through our website to verify your identity. 

Reporting. Please report any suspected phishing attacks to us  immediately to prevent any harm to you or others. 

General 

Contact us. Please report any suspicious or unauthorised  activity relating to your use of our website to us directly,  because it will help make our website as secure as we can. 

Our right to take action. We may take whatever action we may  deem necessary to preserve the security and reliable  operation of our system.