GiveEasy Information Security Statement
GiveEasy Pty Ltd (ABN 99 158 381 125) is committed to the protection of your private and information. This document covers our information security processes and systems.
GiveEasy's services provide state-of-the-art security through the entire information processing lifecycle. This infrastructure is built to provide secure deployment of services, secure storage of data with end-user privacy safeguards, secure communications between services, secure and private communication with customers over the Internet, and safe operation by administrators.
Payment Card Industry (PCI) Security Standards
GiveEasy is PCI compliant as a PCI-DSS AEP merchant. We do not store or directly process any cardholder information, credit card numbers (PANs), or other sensitive payment data. Your donations are handled securely through PCI Level 1 accredited service providers with a PCI compliant payment form.
GiveEasy uses strong encryption to protect data in transit and at rest. Your personal and payment information is always protected using HTTPS, which is activated by default for all users. Sensitive customer data is encrypted or hashed at rest, using one or more encryption mechanisms.
Access rights and levels are based on job function and role, using the concepts of least-privilege and need-to-know to match access privileges to defined responsibilities. Requests for additional access follow a formal process that involves a request and an approval from a data or system owner, manager, or other executives, as dictated by GiveEasy’s security policies.
In the event that GiveEasy becomes aware of a vulnerability or issue that affects your personal and payment information, we will take all reasonable steps to notify you of the extent and nature of the information affected and take immediate steps to resolve the issue.
How to contact us
If you have any questions about this Security Statement, or if you wish to enquire or make a complaint about our services or notify us of an issue, please contact the security officer by sending an email to email@example.com
Last Updated 30 May 2019