Website Security Policy

The following article provides some example snippets you can use to construct your own Website security policy.

Because the security and privacy policy can be quite short, you might want to consider combining the two together as you are required to have a privacy policy anyway.
 

Form Submission security

When you submit a form on this website such as an enquiry or a simple site search via our website, a secure server is used.
We use industry standard data encryption for transmission of any personal information including credit card details you provide online. Known as SSL (Secure Sockets Layer) protocol, you can check this is active by looking for the padlock symbol on many browsers. SSL allows a secure connection between your web browser and our web server, using a private (or secret) key to encrypt the information.
 

Ecommerce Security

We use a PCI Compliant third party payment gateway [Name of Gateway: Eg. DPS, Pay Pal, Pay station to process credit cards online. We do not store your credit card details online. All credit card transactuons are processed online in realtime and protected by industry standard security standards. EG. SSL

You should include an icon and a link to the payment gateways privacy policy Eg: http://www.paymentexpress.com/about/about_paymentexpress/privacy_policy.html. Your Payment gateway provider will be able supply this icon.
 

SSL

When you purchase products or book events via our website, a secure server is used. We use industry standard data encryption for transmission of any personal information including credit card details you provide online. Known as SSL (Secure Sockets Layer) protocol, you can check this is active by looking for the padlock symbol on many browsers. SSL allows a secure connection between your web browser and our web server, using a private (or secret) key to encrypt the information. This encryption provides greater consumer protection than many forms of offline credit card payments.
 

Other Ecommerce policies

The banks ask for a lot of written policies from customers, ANZ for instance asks for at least these:
  • Terms & conditions: (note that we can nor provide a template for this. You will need to seek legal advice  and craft this to your own companies requirements.
  • Privacy Policy
  • Returns policy
  • Delivery/Export restrictions (if applicable)
  • Disclosure that you are an NZ based company

Please note

It is not feasible to display a vendors SSL badge on the site, as we use several providers for different servers and locations, but you can provide a generic secure icon. Find an example on our Website icons page