Security Policy
Ghost Vapors Security Policy
Effective Date: 10/01/2024
At Ghost Vapors, we prioritize the security of your personal and payment information. We are committed to protecting your privacy, ensuring the integrity of your data, and maintaining a secure environment for all users of our website. This Security Policy outlines the steps we take to safeguard your information while using our Shopify-powered platform.
1. Data Protection
We use a combination of industry-leading security technologies and practices to protect your personal and payment information:
-
SSL Encryption: All data exchanged between your browser and our website is encrypted using SSL (Secure Socket Layer) technology. This ensures that sensitive data such as payment details and personal information is securely transmitted.
-
Payment Security: Payments on our website are processed through trusted and secure payment gateways that adhere to the Payment Card Industry Data Security Standard (PCI-DSS). Shopify also employs robust security measures, including tokenization and secure payment gateways.
-
Data Minimization: We collect only the necessary information to process your orders and provide our services. Any data we collect is stored in compliance with legal requirements and used solely for the purpose of fulfilling your requests.
2. Account Security
As a customer, you are responsible for maintaining the confidentiality of your login credentials. To enhance security, we implement the following measures:
-
Password Policies: We encourage users to create strong passwords and use a combination of letters, numbers, and special characters. Strong passwords help protect your account from unauthorized access.
-
Two-Factor Authentication (2FA): Shopify supports two-factor authentication (2FA) for added account security. We strongly recommend enabling 2FA for your Shopify account to further protect your login credentials.
-
Account Monitoring: Our systems continuously monitor accounts for suspicious activity. If we detect any unusual activity, we may prompt you to verify your identity or change your password as a precaution.
3. Website Security
We take several measures to ensure that our website remains secure and protected from cyber threats:
-
Regular Security Audits: We perform routine security checks and vulnerability assessments to ensure our website is secure and free from any potential risks.
-
Firewalls and Intrusion Prevention: Our website and servers are protected by advanced firewalls and Intrusion Detection and Prevention Systems (IDPS). These systems help monitor and block unauthorized access or malicious traffic.
-
Shopify Security Features: As a Shopify-powered store, we benefit from Shopify’s robust security infrastructure, including its platform’s compliance with industry standards and frequent security updates.
4. Third-Party Service Providers
We carefully select trusted third-party partners to handle sensitive data. These providers are required to adhere to relevant security standards to ensure your data remains secure. Shopify and its third-party providers follow stringent security protocols to safeguard your data during payment processing, shipping, and other related services.
5. Incident Response
In the unlikely event of a data breach or security incident, we have a comprehensive incident response plan in place:
-
Immediate Containment: We will promptly isolate the breach to minimize any further damage or exposure.
-
Notification: If your data has been compromised, we will notify you immediately, providing detailed information on the incident and the steps you should take.
-
Resolution and Reporting: Our team will work swiftly to resolve the incident, and if required, we will report the breach to relevant authorities in accordance with applicable laws and regulations.
6. User Responsibilities
We ask that you take the following precautions to help maintain the security of your account:
-
Use Strong, Unique Passwords: Create passwords that are difficult to guess and change them periodically.
-
Enable Two-Factor Authentication (2FA): Whenever possible, enable 2FA on your account for an added layer of security.
-
Keep Your Credentials Private: Do not share your login credentials with anyone, and be mindful of phishing attempts.
-
Report Suspicious Activity: If you suspect any unauthorized access to your account, please contact us immediately so we can take appropriate action.
7. Policy Updates
We may update this Security Policy from time to time to reflect changes in our business practices or technological advancements. When we update the policy, the new version will be posted on our website, with the effective date clearly stated. Your continued use of our services after the posting of updates constitutes your acceptance of the new terms.
Contact Us
If you have any questions or concerns about our security practices, please contact us: