Security & Data Protection
Secure Payment Methods
To meet the needs and preferences of customers, varied payment methods should be offered and these must be through a recognised secure payment service provider that is fully audited and compliant with current encryption standards.
Customer purchases can be assisted by flexible terms for paying over a set term, and 'pay no money today' offers might be considered. To avoid misunderstandings, terms and conditions must always be visible and clearly understandable.
Privacy and Data Protection
Legislation concerning Data Protection demands that a responsible firm only collects information that is needed for a specific purpose. This information should be kept secure, relevant and up-to-date, and should only be held for as long as it is needed.
Access to the data must be limited to those with a definite need to know, but should be open to inspection if requested by the person who has provided it.
Many people do not understand what a website 'cookie' is, so to avoid confusion and distrust, the site's 'cookies' policy needs to be fully explained and, by law, the choice to accept or not accept cookies offered.