Security Method for the Transmission of Payment Data
Security method for the transmission of payment data from client to server is by using HTTPS technology, with SSL certificate issued from Comodo Secure Certificates.
American Bungalow is committed to protecting the privacy of our customers' personal data.
- Describes the personal data that we collect;
- How we collect data and why;
- How data will be used and who we can disclose or transfer data to and why;
- How data can be corrected or deleted;
- The measures that we take to protect data; and
- The process and contact information that customers can use to raise enquiries, concerns and complaints.
1. Commitment to Personal Data Protection
American Bungalow is committed to safeguarding our customers' personal data by adherence to the following obligations:
- The American Bungalow Data Protection Policy, the Information Security Policy and the related policies;
- The United States Government's Safe Harbor Framework;
- The relevant local data protection laws and regulations; and
- The contractual commitments to our customers.
2. To Whom this Statement Applies
This statement applies to the services and products offered by American Bungalow and binds all our employees. American Bungalow also expects our service providers to have introduced data protection principals and technical and organizational measures that are substantially similar to the ones American Bungalow has adopted in respect of similar personal data. This statement refers to personal data from our individual customers.
3. What Information is Collected and How is it Collected?
American Bungalow collects personal data about you when you purchase, use or benefit from American Bungalow's services or products.
"Personal data" includes information that will allow someone to identify or contact you, including, for example, your full name, address, telephone number (professional & home) or email address, and date of birth. Personal data does not include aggregated data or data that, by itself, does not permit the identification of individual persons.
You provide certain personal data to American Bungalow when, for example, you: (a) call our customer support center or (b) submit contact information through mail and electronic mail; or (c) place an order through our website.
When you choose to pay for American Bungalow services or products by credit card directly from the American Bungalow website, you will be required to provide American Bungalow with the name of your credit card issuer, credit card number, expiration date and other security information. When you choose to pay for American Bungalow services or products by other means, we may ask you for your credit card details, contact details and bank account details.
You also provide information to us when you choose to email data to us, or you participate in marketing and sales initiatives.
American Bungalow will only gather data that is relevant for the purposes for which it will be used and will not gather excessive or unnecessary data. No information given to us will ever be sold to any 3rd parties nor will any party attempt to contact you on our behalf.
American Bungalow shall take reasonable steps to ensure that data is reliable, accurate, complete, and current, bearing in mind its intended use. You have a responsibility to keep the data you provide to us updated and we will take reasonable steps to facilitate this.
4. Acceptance and Links to other Websites
This American Bungalow website may contain links to other websites, which are provided solely as a convenience to you and not as an endorsement by American Bungalow of the contents of other web sites. The other web sites may have their own policies, which American Bungalow does not control, and thus are not addressed or controlled by this statement or the American Bungalow Data Protection Policy.
6. How the Personal Data will be used
American Bungalow will use your personal data to provide you with services and products that: (a) you purchase; (b) are purchased by an association or institution (including an educational establishment) of which you are a member.
Your personal data may be transferred to Government authorities, agencies and institutions as required or permitted by applicable laws and regulations.
American Bungalow shall not collect, use, disclose or transfer your personal data except as described in this Statement unless you give us your permission to collect, use, disclose or transfer it for other purposes.
7. Data Protection for Children
American Bungalow does not knowingly collect any information on persons who have not attained the age of 18 years through the online services and the American Bungalow website.
8. How Can Users Correct Inaccuracies in their Personal Data?
You can review the personal data that American Bungalow has collected from you by contacting our customer service hotline; or by using the contact form on American Bungalow's website.
In order to update, delete, amend or block any personal information that we create and that we are able to change, contact us using the following e-mail address: [[email protected]] or through the contact link on our website. Should you need our assistance to access or make changes to your personal information, please submit your request to us.
American Bungalow will strive to address your request as soon as practicable and no later than thirty (30) calendar days from the date your request is received and understood.
If American Bungalow is asked to destroy the personal data, American Bungalow shall use means that prevents its recreation and American Bungalow shall take reasonable care to ensure that there is no unauthorised disclosure during the destruction of the data.
9. What Kind of Security Procedures are Used to Protect the Loss, Misuse, or Alteration of Your Personal Data under American Bungalow's Control?
American Bungalow takes precautions to protect its users' information. American Bungalow has implemented policies that forbid its employees from using or disclosing personal data in an inappropriate or unlawful manner and maintains security measures to safeguard the personal data that it maintains from unauthorized access, misuse, alteration, loss or destruction.
Information Collected by Electronic Means
When you provide American Bungalow with personal data through online forms and other electronic methods, the data is protected using industry-standard encryption.
The Information Security Policy and the Information Security Procedures and Processes
All American Bungalow employees are required to follow the Information Security Policy. The policy is implemented through the Information Security procedures and processes. These are periodically reviewed and updated, as the information security landscape is in a constant state of flux. All new employees are required to sign a written confirmation that they have read and understood the Information Security Policy and a confidentiality agreement. Employees also have confidentiality obligations in their contracts of employment with American Bungalow.
Security of Premises and Other Physical Security Measures
Information systems containing sensitive information and communications equipment are placed in secure areas and protected by additional physical security measures that permit access only to the employees who need access, operational processes, environmental controls and fire detection and suppression systems to safeguard against accidental loss, theft or unauthorized removal, misuse, damage or unauthorized access.
Security against unauthorised electronic access and viruses
- All gateways to the internet are protected by a firewall and access to both internal and external networks are restricted and controlled.
- All servers are hardened based on security hardening standards to protect against network threats.
- Endpoint security is constantly being review to protect the network against unauthorized access, data loss or destruction.
- Access to computer services and information is on a 'roles and responsibility' basis and is restricted and controlled based on the business requirements to reduce the risks associated with misuse, such as alteration, destruction and unauthorised dissemination of data.
- Access to information services is through a secure login process with a unique identifier.
- Critical servers are scanned using network and system vulnerability scanners. Web applications are also scanned by automated penetration tools for application level security vulnerabilities that may be susceptible to hacking.
- External vulnerability scanning on our internet facing sites is performed monthly to ensure that these sites are secure. These are done via in-house vulnerability scanning tools and third party services.
- American Bungalow engages external consultants to conduct security review of our environment. These reviews help us to understand the security gaps and ensure that our infrastructure and applications are able to meet and mitigate new network and Internet security threats and risks.
10. How do I Resolve Disputes with American Bungalow Relating to Personal Data?
If you are unsatisfied with the manner in which your question or concern was addressed, in respect of our online services, you may contact American Bungalow at [email protected]
American Bungalow will investigate all concerns and complaints and will address them expeditiously. An acknowledgement of the identity of the employee addressing the complaint and the approximate length of time that will be taken to review the complaint will be provided no later than five (5) business days from the date the complaint is received and understood. Regular updates shall be given to you on the progress of the review if the review is likely to take longer than seven (7) business days.
11. Changes to this Statement
American Bungalow reserves the right to change this policy at any time by notifying users through its website of the existence of a new privacy statement. This statement and the policies outlined herein are not intended to and do not create any contractual or other legal rights.