Ocean Rescue Privacy, Data Security Policy and PCI DSS Compliance

 

Thank you for visiting the Ocean Rescue web site. This privacy policy tells you how we use personal information collected at this site. Please read this privacy policy before using the site or submitting any personal information. By using the site, you are accepting the practices described in this privacy policy. These practices may be changed, but any changes will be posted and changes will only apply to activities and information on a going forward, not on a retroactive basis. You are encouraged to review the privacy policy whenever you visit the site to make sure that you understand how any personal information you provide will be used.

Note: the privacy practices set forth in this privacy policy are for this web site only. If you link to other web sites, please review the privacy policies posted at those sites.

Collection of Information

We collect personally identifiable information, like names, home or business addresses, email addresses, etc., when voluntarily submitted by our visitors. The information you provide is used to fulfill your specific request. If you provide us with your email address, you are giving us permission to add you to our email list. You may unsubscribe at any time by following the prompt at the bottom the email.

Cookie/Tracking Technology

Our site uses cookie and tracking technology. Cookie and tracking technology are useful for gathering information such as browser type and operating system, tracking the number of visitors to our site, and understanding how visitors use our site. Cookies also help customize our web site for your use. Personal information cannot be collected via cookies and other tracking technology, however, if you previously provided personally identifiable information, cookies may be tied to such information. Aggregate cookie and tracking information may be shared with third parties.

Distribution of Information

We may share information with governmental agencies or other companies assisting us in fraud prevention or investigation. We may do so when: (1) permitted or required by law; or, (2) trying to protect against or prevent actual or potential fraud or unauthorized transactions; or, (3) investigating fraud which has already taken place. The information is not provided to these companies for marketing purposes.

PCI DSS Compliance and Commitment to Data Security

This website is PCI DSS compliant.  You may validate our compliance by clicking on the green, white, and blue Trustwave symbol in the footer of any page on our website.  PCI DSS stands for Payment Card Industry Data Security Standard.  It is standard set by the five founding global payment brands — American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc. The PCI Data Security Standard is a multifaceted security standard that includes requirements for security management, policies, procedures, network architecture, software design and other critical protective measures. The PCI Data Security Standard is comprised of 12 general requirements designed to: Build and maintain a secure network; Protect cardholder data; Ensure the maintenance of vulnerability management programs; Implement strong access control measures; Regularly monitor and test networks; and Ensure the maintenance of information security policies.

Your personally identifiable information is kept secure. Ocean Rescue Spa Products uses technical security measures to prevent the loss, misuse, alteration or unauthorized disclosure of information under our control. We use security measures including and not limited to: physical, electronic and managerial procedures to safeguard and secure the information we collect online.  Our site incorporates an SSL EV certificate.  SSL stands for Secure Sockets Layer, a standard for website security.  An SSL certificate is a digital certificate that authenticates our identity and encrypts information you exchange with us.  Encryption is the process of scrambling data into an undecipherable format that can only be returned to a readable format with the proper decryption key. The EV stands for Extended Validation.  This means that our business information, legal name, address, ownership, and phone number have been independently validated and certified.  If you wish to examine our certificate, you may do so at any time by clicking on the green bar or the lock to the left of our URL in your browser. Additional information is available by clicking on the “Verified and Secured” symbol at the very bottom of any of the pages of this website.

We do not keep or store your credit card information.  Credit card data is processed through an encrypted link directly to Authorize.net and does not pass through our servers.  Authorize.net is an independent credit card management company that verifies credit card data to safely process payments and prevent fraud.  You may read additional information about Authroize.net by clicking on their symbol also located at the bottom of any of the pages on this website.  We also use PayPal and Amazon payment systems.  You may read about their policies on the respective websites.

If you have any questions, concerns, or comments about our privacy policy you may contact us using the information below:

By e-mail: spa@oceanrescuespa.com
By Phone: (480) 948-4600

We reserve the right to make changes to this policy. Any changes to this policy will be posted.