The Other Girl values the privacy of credit card information and is committed to protecting the credit card details it holds and uses.
This policy outlines how The Other Girl intends to collect, store and destroy credit card details.
The policy is based on the following principles:
- The Other Girl must take reasonable steps to protect the credit card details it holds from misuse and loss and from unauthorised access, modification and disclosure.
- Is a necessary condition for The Other Girl to provide credit card facilities to its customers for the payment of services and goods provided by The Other Girl.
The Other Girl may consider the following matters when adopting reasonable steps to protect the credit card information it holds:
- The sensitivity of credit card details and an individual’s expectations that this information will be protected from misuse and loss and from unauthorised access, modification and disclosure;
- The harm likely to result if there is a breach of security; and
- The form in which the information is stored (e.g. on paper or electronically) processed and transmitted.
All The Other Girl staff.
- Application of Policy
This policy is designed to deal with situations where an individual or business provides details of their credit card to The Other Girl. The policy is also designed to ensure that The Other Girl will store and destroy credit card details in a manner which protects the credit card details from:
– Unauthorised access;
– Unauthorised modification; and
– Unauthorised disclosure.
- Collection of Credit Card Details
The Other Girl is committed to ensuring that credit card details are collected in a secure manner. The Other Girl will take reasonable steps to protect the credit card details it holds from misuse and loss and from unauthorised access, modification and disclosure during collection by adopting the following practices:
- Preventing, where possible, individuals from providing credit card details in an email;
- Ensuring that where credit card details are collected online, encryption in accordance with The Other Girl’s Security Policy is included within the company’s internet web page, The Other Girl’s Online, databases and other supporting programs;
- Only collecting credit card details in an appropriate environment, for example not requesting credit card details verbally in a public place; and
- Ensuring that when credit card details are collected via facsimile, the facsimile is placed in a secure location.
- Storage of Credit Card Details
- The Other Girl is committed to ensuring that credit card details are held securely. The Other Girl will take reasonable steps to protect the credit card details it holds from misuse and loss and from unauthorised access, modification and disclosure by adopting the following practices:
- Ensuring that credit card details are stored in a secure and protected manner such as locked filing cabinets;
- Ensuring that EFPTOS machines and other devices used to collect credit card details are stored securely, particularly when they are not in use (eg overnight);
- Ensuring that appropriate staff only have access to credit card details; and
- Ensuring information is transferred securely (for example, not transmitting credit card details via e-mail).
- Credit card details may be stored in hard copy documents. If credit card details are stored as electronic data appropriate security measures must be utilised in accordance with The Other Girl’s Security Policy. Some of the ways The Other Girl seeks to protect credit card details include the following:
- Policies on document storage and security;
- Security measures for access to The Other Girl’s computer systems;
- Controlling access to The Other Girl’s premises;
- Website protection measures.
- For customers on a Trading Account, credit card details are stored on site as per the customer’s request for the purposes of settling monthly accounts.
- Destruction of Credit Card Details
Credit card details will be destroyed in a secure manner when they are no longer needed by The Other Girl. Examples of destruction in a secure manner include shredding, pulping or disintegration of paper files, fire, confidential disposal in accordance with any guidelines provided by government legislation, encryption or scrubbing of credit card number or contracting an authorised disposal company for secure disposal.
- For Further Information
For further information about this policy please contact:
Phoning – 07 4091 3500
Faxing – 07 4091 3506
Faxing – firstname.lastname@example.org.
or you can write to us at: The Privacy Officer, The Other Girl, PO Box 1035, Atherton QLD 4883.
- Obligations of Staff
If a staff member collects credit card details on The Other Girl’s behalf, the staff member must meet the relevant requirements of this policy in relation to the storage of credit card details.
- Disciplinary Action for Breach of Policy
If a staff member breaches this policy, depending on the circumstances it may be regarded as misconduct or poor performance and this may result in action being taken in accordance with the provisions set out in the individual’s employment contract.
- Change of Policy
The Other Girl may change this policy from time to time without prior notice.
All staff should be aware of, read, understand and comply with the procedures set out in this policy.