Politique de sécurité

Politique de sécurité

Date d'entrée en vigueur : Janvier 2025

Our Security Commitment

At MunchMakers, we take the security of your personal and financial information seriously. This Security Policy outlines the measures we implement to protect your data and maintain a secure shopping environment.

Data Protection Measures

Encryption

  • SSL/TLS Encryption: All data transmitted between your browser and our servers is encrypted using industry-standard SSL/TLS protocols
  • 256-bit Encryption: We use strong encryption standards for all sensitive data
  • Encrypted Storage: Sensitive information is encrypted at rest in our databases

Payment Security

  • PCI DSS Compliance: We maintain Payment Card Industry Data Security Standard compliance
  • Tokenization: Credit card numbers are tokenized and never stored on our servers
  • Trusted Payment Processors: We partner only with established, secure payment gateways
  • Fraud Detection: Advanced fraud detection systems monitor for suspicious transactions

Access Controls

Account Security

  • Strong password requirements (minimum 8 characters, mixed case, numbers, symbols)
  • Account lockout after multiple failed login attempts
  • Session timeout for inactive users
  • Optional two-factor authentication (2FA) for added security

Internal Access

  • Role-based access control for employees
  • Principle of least privilege
  • Regular access reviews and audits
  • Background checks for employees handling sensitive data

Infrastructure Security

Server Security

  • Firewalls and intrusion detection systems
  • Regular security patches and updates
  • 24/7 monitoring for suspicious activity
  • Secure data centers with physical access controls

Network Security

  • DDoS protection
  • Regular vulnerability scans
  • Penetration testing by third parties
  • Secure API endpoints

Data Handling Practices

Collection Minimization

  • We only collect data necessary for business operations
  • No unnecessary personal information is requested
  • Data retention policies ensure old data is securely deleted

Third-Party Security

  • All third-party vendors undergo security assessments
  • Data sharing agreements include security requirements
  • Regular audits of third-party security practices

Customer Responsibilities

To help maintain security, we recommend customers:

Password Best Practices

  • Use unique, strong passwords
  • Never share your password
  • Change passwords regularly
  • Use a password manager

Safe Browsing

  • Always verify you're on https://www.munchmakers.com
  • Look for the padlock icon in your browser
  • Don't click links in suspicious emails
  • Keep your browser and antivirus updated

Account Monitoring

  • Review your order history regularly
  • Report any unauthorized transactions immediately
  • Keep your contact information updated
  • Log out when using shared computers

Incident Response

Security Breach Protocol

In the unlikely event of a security breach:

  1. Immediate containment and investigation
  2. Assessment of impact and affected data
  3. Notification of affected customers within 72 hours
  4. Cooperation with law enforcement if necessary
  5. Implementation of additional security measures

Reporting Security Issues

If you discover a security vulnerability:

  • Email: security@munchmakers.com
  • Do not publicly disclose the issue
  • Provide detailed information about the vulnerability
  • We offer recognition for responsible disclosure

Regular Security Measures

Ongoing Activities

  • Monthly security updates and patches
  • Quarterly security assessments
  • Annual third-party security audits
  • Continuous employee security training

Compliance

  • GDPR compliance for data protection
  • CCPA compliance for California residents
  • Industry best practices adherence
  • Regular compliance audits

Email Security

Phishing Protection

  • We will never ask for passwords via email
  • All official emails come from @munchmakers.com
  • Suspicious emails should be reported immediately
  • We use email authentication (SPF, DKIM, DMARC)

Mobile Security

If accessing our site via mobile:

  • Use secure Wi-Fi connections
  • Keep your device OS updated
  • Use device lock screens
  • Install apps only from official stores

Questions and Concerns

For security-related questions or to report a security concern:

MunchMakers Security Team
Email: security@munchmakers.com
Phone: +1 650-640-3836

For urgent security matters, please call directly.

Updates to This Policy

We regularly review and update our security measures. This policy may be updated to reflect new security practices or technologies. Check back periodically for updates.

Your security is our priority. We continuously work to maintain the highest standards of data protection and welcome your feedback on how we can improve.