Security Policy for The Vintage Toy Box - Online Classic Toy Shop

At The Vintage Toy Box, we take the security and protection of our customers' data seriously. This Security Policy outlines the measures we have in place to safeguard your personal information and ensure a secure online shopping experience. By using our website, you agree to adhere to the security practices described below.

Secure Website

SSL Encryption: Our website is equipped with Secure Socket Layer (SSL) encryption to secure your data during transmission. This encryption ensures that your personal and payment information is encrypted and protected from unauthorized access.

Regular Updates: We maintain the latest security updates and patches for our website's software to mitigate vulnerabilities and ensure a safe browsing experience.

Account Security

Password Protection: When creating an account, we require a strong and unique password to help protect your account from unauthorized access.

Account Privacy: Your account information is stored securely and is accessible only to you through your login credentials.

Secure Payments

Secure Payment Gateway: We utilise Stripe, a trusted and PCI-compliant payment gateway to process online transactions securely. Your credit card details are collected for the sole purpose of processing your order and are not stored on our systems or visible by us.

Verified Payment Methods: We only accept payments from reputable and verified sources, such as major credit cards and PayPal.

Data Protection

Limited Access: Only authorised personnel have access to sensitive customer data, and access is granted on a need-to-know basis.

Data Encryption: Personal and sensitive data are encrypted both during transmission and storage to protect against unauthorized access.

Data Deletion: We retain customer data for as long as necessary for order processing and as required by law. Once data is no longer needed, we securely delete it from our records.

Regular Security Audits

We conduct regular security audits and vulnerability assessments to identify potential risks and implement necessary improvements to our systems.

Phishing Prevention

We educate our staff about phishing scams to prevent unauthorised access to accounts or sensitive information.

We will never request your password, sensitive data or payment details via email or other unsecured channels.

Incident Response

In the event of a security breach or data compromise, we have a well-defined incident response plan to promptly address the issue, assess the impact, and notify affected individuals and regulatory authorities, as required by Australian law.

Employee Training

Our employees receive comprehensive training on data security best practices to maintain the confidentiality and integrity of customer information.

Compliance

We comply with relevant data protection and privacy laws, including the Australian Privacy Principles (APPs).

Third-Party Vendors

We ensure that our third-party service providers, such as payment processors, shipping partners and email-marketing platforms follow industry-standard security practices to protect your data.

We continuously review and update our security measures to keep up with technological advancements and evolving threats. While we strive to maintain a secure environment, it is essential for our customers to exercise caution and practice safe online behaviour, such as using strong passwords and keeping their devices protected against malware and viruses.

If you suspect any security concerns or have questions about our security practices, please contact us immediately. Your trust in The Vintage Toy Box is of utmost importance, and we are dedicated to providing a safe and secure online shopping experience for our valued customers.

Learn more

Questions

If you have any questions at all, please contact us for further information.