Last Updated: [ April 26, 2025]  

Effective Date:[April 26, 2025]  

Applicable to: [Buddycopies.com] ("we," "us," or "our")  

 

1. Data Protection & Encryption

- SSL Encryption: All data transmitted through our website (including personal and payment information) is secured via “256-bit SSL encryption” provided by Shopify, ensuring protection against interception.  

- PCI DSS Compliance:We process payments through “Shopify Payments” or certified third-party gateways (e.g., PayPal, Stripe), adhering to “PCI DSS standards”. We do not store or handle raw credit card details.  

 

2. Account & Access Security

- Strong Passwords: User and staff accounts require strong passwords (min. 8 characters, with uppercase, lowercase, numbers, and symbols).  

- “Two-Factor Authentication (2FA):” We recommend enabling “Shopify’s 2FA”for admin and customer accounts to prevent unauthorized access.  

- “Role-Based Permissions:” Employee access to backend data is restricted on a “need-to-know basis”.  

 

3. Customer Privacy  

- Data Collection: We only collect necessary order-processing data (e.g., name, shipping address, contact details). Customization requests are stored securely.  

- GDPR/CCPA Compliance: Customers may request access, correction, or deletion of their data by contacting [Your Support Email].  

- Data Retention:Non-essential data (e.g., logs) is purged periodically. Payment data is retained only as required for transaction completion.  

 

4. Website & Server Security  

- Shopify Hosting:Our site benefits from Shopify’s enterprise-grade security, including automated vulnerability scans, DDoS protection, and regular updates**.  

- Third-Party Apps: Only “Shopify-approved apps” are installed, with periodic permission audits.  

 

5. Fraud Prevention  

- Order Verification: High-risk orders (e.g., large sums, cross-border, suspicious IPs) undergo manual review. Additional ID proof may be requested.  

- Anti-Fraud Tools: We utilize Shopify Protect or third-party solutions (e.g., Signifyd) to flag fraudulent transactions.  

 

6. Incident Response  

- Vulnerability Reporting: Report security issues to [Security@buddycopies.com]. We aim to respond within 48 hours.  

- Data Breach Protocol: In case of a breach, affected users and authorities will be notified as required by law.  

 

7. Cross-Border Data Transfers

- Data Storage: Customer data may be processed via Shopify’s global servers, complying with frameworks like the EU-U.S. Data Privacy Framework (DPF).  

 

8. Customer Responsibilities  

- Account Security:Users must safeguard login credentials and avoid sharing accounts.  

- Phishing Awareness:We will Never ask for passwords/payment details via email/SMS. Beware of fake links.  

 

---  

 

Contact Us  

For security-related inquiries:  

- Email: [security@buddycopies.com]  

- Address: [Kailinternational B, Freetrade Zone of Zhengzhou, China  

 

---  

 

Notes:

- This policy complements our [Privacy Policy] and [Terms of Service].  

- Regular reviews ensure compliance with GDPR, CCPA, PIPL, and other regulations.