Privacy & Security

Privacy & Security

 

You can shop online at www.uplifting.com.au  confident that your information is treated safely and securely. All information supplied to Uplifting Solutions will only be used to process orders, respond to enquiries and occasionally send promotions or newsletters.

In line with Australian Commonwealth and State privacy legislation, Uplifting Solutions will never sell or give any of your personal information to third parties.

The Uplifting Solutions website is located in a secure server environment. Our online payment system is highly secure as all transactions and your credit card details are encrypted. Our transaction portal deletes credit card information after purchases are completed.

Our ecommerce partner eWay is an international company at the fore front of the online payment industry.

As an online credit card processor, eWAY is subject to standards imposed on the industry by major card issuers such as Visa and MasterCard. The Payment Card Industry (PCI) Data Security Standard (DSS) is a set of guidelines developed to help organisations that process card payments prevent credit card fraud, hacking and various other security issues. A company processing, storing, or transmitting credit card numbers must be PCI DSS compliant or they risk losing the ability to process credit card payments.

The core of the PCI DSS is a set of principles and accompanying requirements, around which the specific elements of the DSS are organised, as outlined below.

 

Build and Maintain a Secure Network

Requirement 1: Install and maintain a firewall configuration to protect cardholder data
Requirement 2: Do not use vendor-supplied defaults for system passwords and other security parameters

Protect Cardholder Data

Requirement 3: Protect stored cardholder data
Requirement 4: Encrypt transmission of cardholder data across open, public networks

Maintain a Vulnerability Management Program

Requirement 5: Use and regularly update anti-virus software
Requirement 6: Develop and maintain secure systems and applications

Implement Strong Access Control Measures

Requirement 7: Restrict access to cardholder data by business need-to-know
Requirement 8: Assign a unique ID to each person with computer access
Requirement 9: Restrict physical access to cardholder data

Regularly Monitor and Test Networks

Requirement 10: Track and monitor all access to network resources and cardholder data
Requirement 11: Regularly test security systems and processes

Maintain an Information Security Policy

Requirement 12: Maintain a policy that addresses information security

Service Providers such as eWAY must validate compliance with an audit by a PCI DSS Qualified Security Assessor (QSA) Company each year. eWAY’s PCI DSS Audit is conducted by a third party, Securus Global, a certified QSA and QPASC under the Payment Card Industry Data Security Standard Program.