| Kreta Reserve Security FAQ |
- How is my account information protected?
- What is shown on my sales receipt?
- How is my order processed using my credit card and what company does the processing?
- Is my account information and data encrypted?
- What is SSL and why is it important?
- What kind of e-commerce software and system hardware does Kreta Reserve use?
- Will anyone from Kreta Reserve call on the phone to sell me stuff or send SPAM to me?
- Will Kreta Reserve share or sell my information to any third patries?
|
| |
| |
| Privacy Policy and Security Notes |
| |
1) How is my account information protected?
Information about our customers remains strictly confidential and is carefully safeguarded. We will not release information to anyone for any reason without a court order and in full compliance with all local, state, and federal laws. Credit card and financial information is used only to process an order. Unless you have specifically authorized storage of your credit card information for use in paying for orders, it is destroyed following closure of the transaction. If you have authorized storage of your credit card information to process recurring orders, your information is securely stored in our encrypted data base and is not visible to anyone after it has been entered by you. When you place an order, your encrypted credit card and billing information is sent to the purchasing system for processing using our 2048 bit encryption technology.
|
| |
2) What is shown on my sales receipt?
The only portion of the credit card number that is ever made visible are the last four numbers. These are only visible when you have authorized a transaction. It is noted on your receipt so that you can properly track your credit card use.
|
| |
3) How is my order processed using my credit card and what company does the processing?
Credit card orders are processed directly through our corporate bank headquartered in Birmingham, Alabama. Our processing software is custom built to provide extra layers of security. We are affiliated with TSYS Acquiring Solutions as our credit card processing technology certification and clearinghouse agent. TSYS Acquiring Solutions is Payment Card Industry (PCI) compliant, verified by the Visa U.S.A. Cardholder Information Security Program (CISP). TSYS Acquiring Solutions is a wholly owned TSYS® (NYSE: TSS) subsidiary. TSYS delivers advanced technology and enhanced value to many of the world's leading companies, making it possible for hundreds of millions of consumers to use their credit, debit, commercial, private-label, prepaid and chip cards safely and securely. As noted, we are PCI compliant and do not use third party credit card processors who may not provide appropriate safeguards for your credit information and personal data.
|
| |
4) Is my account information and data encrypted?
Your personal data is secured on our website through state of the art digital encryption of the highest order. In addition, we use extended SSL certificates for securely exchanging information between your computer and our server. SSL is an acronym for Secure Sockets Layer. SSL provides a secure connection, allowing you to transmit private data online. Sites secured with SSL display a padlock in the browsers URL and possibly a green address bar if secured by an EV SSL certificate. We use the extended validation (EV) SSL certificate. This is a 2,048 bit encryption cipher and is the highest level of encryption available for public e-commerce use. It costs more, but your data is treated like our data and we want only the finest security we can get for your data and ours. Click here to see our most recent PCI Compliance Certificate.
|
| |
5) What is SSL and why is it important?
When a SSL Digital Certificate is installed on a web site, users can see a padlock icon at the bottom area of the navigator. When an Extended Validation Certificate is installed on a web site, users with the latest versions of Firefox, Safari, Internet Explorer, or Opera will see the green address bar in the URL area of the navigator. Users on sites with SSL Certificates will also see https:// in the address bar during an e-commerce transaction. It is important to use SSL encryption to ensure your data is encrypted from your computer’s browser program to our website. No matter how you are connected to the internet, SSL encrypts the data you send or receive from our website, point-to-point. This means anyone in the middle...your ISP, our ISP and any other transit networks...only are able to see the encrypted message containing data that you are communicating with us. Without knowing the decryption key, the data they see appears as digital garbage. In our case, we use a higher level of SSL encryption called EV SSL (extended validation SSL) for added security because protecting your data is important to us.
|
| |
6) What kind of e-commerce software and system hardware does Kreta Reserve use?
For security reasons, we can’t tell you the specific software or hardware configurations we employ on our website. However, we can tell you that our website software and hardware configurations are customized by our own staff, not outside consultants. We do not use any off-the-shelf e-commerce software packages commonly found on other websites. This provides another level of security for your data and our peace of mind in handling that data. Of note is our hardware design that includes a double redundant, real time, data mirroring capability. Our multi-server design makes it impossible for anyone to hack our system and gain access to the data. Again, this part of the security design costs us more money, but the safety and security of your personal and private data is worth it. In addition, we own our servers and do not share these with outside users. Our servers are physically secured in a limited access facility where we have redundant backup power and generators as well as multiple connectivity lines to the internet backbone. There are other safeguards we use, but that discussion is not for public disclosure. Suffice it to say that your data is safe on our machines.
|
| |
7) Will anyone from Kreta Reserve call on the phone to confirm my private information or sell me stuff or send SPAM to me?
No. We will never ask you for your password. We use a security question to validate your identity if you call us. When you register, you are given a series of security questions to answer. We may ask you for the answer to more than one of these. Typically, these security questions would be personal information that generally would not be found in the public realm, like the name of your pet or your favorite band. Just remember, we will NEVER ask you for your password. If someone does that, hang up and report it to us as soon as you can. We do not use pop up ads, solicit by phone or email, or engage in any other activities whereby a someone claiming to be a representative from Kreta Reserve will contact a customer or the public in general and attempt to sell something or gain credit card information. Please verify the identity of any person claiming to be a Kreta Reserve representative before discussing your personal information. We will NEVER ask for personal or private financial information. Please ignore any attempts to use Kreta Reserve for such activities. We would appreciate hearing about any such attempts.
|
| |
8) Will Kreta Reserve share or sell my information to any third parties?
GMHS International, LLC, the parent company of Kreta Reserve brand products will not sell, share, or otherwise divulge any private or personal data for any reason to anyone without a valid court order that is in full compliance with all local, state, and federal laws and legally compels us to do so. Any and all data stored on our system will be encrypted with a 2048 bit randomly generated encryption cipher. We will not store your private financial data such as credit card numbers without your express permission to do so. We will not process credit card transactions through a third party provider. We will only process credit cards directly through our corporate bank and the credit card issuer. We pledge to maintain our high levels of digital security and encryption technology currently available to e-commerce vendors and improve our security technology as it evolves.
|
| |
