Security Policy
Security Policy for Pura Vida Books
Last Updated: February 5, 2025
1. Introduction
At Pura Vida Books, we take security seriously. Protecting our website, customers, and business operations from cyber threats is a priority. This Security Policy outlines our approach to safeguarding sensitive information and responding to security incidents.
2. Reporting Security Issues
If you identify a security vulnerability or suspect an issue on our website, we encourage responsible disclosure. Please report any security concerns to our security team at:
Email: info@puravidabooks.com
Response Time: We aim to acknowledge reports within 48 hours and provide updates as we investigate.
3. Scope
This Security Policy applies to all aspects of our website, including but not limited to:
- The Shopify store and checkout process
- Customer accounts and login security
- API integrations and third-party services
- Payment processing and financial transactions
- Data protection and encryption measures
4. Security Measures
To ensure the highest level of security, we implement the following measures:
- Encryption: All data transmitted between users and our website is secured using SSL/TLS encryption.
- Secure Payments: We use Shopify’s PCI-compliant payment processing to protect financial transactions.
- Account Protection: Customers are encouraged to use strong, unique passwords and enable two-factor authentication where applicable.
- Regular Updates: Our website and all related software are kept up to date to prevent vulnerabilities.
- Access Control: Sensitive areas of our store and customer data are protected with strict access controls.
5. Responsible Disclosure Policy
We appreciate security researchers and ethical hackers who help improve our security. If you responsibly disclose security issues to us:
- Do not exploit the vulnerability beyond what is necessary to demonstrate its existence.
- Do not access, modify, or delete any data without authorization.
- Do not perform actions that may negatively impact our users or services.
- Allow us reasonable time to resolve the issue before publicly disclosing it.
6. Prohibited Activities
The following activities are strictly prohibited:
- Unauthorized access or attempts to breach our systems
- Data scraping, brute-force attacks, or denial-of-service (DoS) attacks
- Any actions violating Shopify’s terms of service
- Distribution of malware or phishing attempts targeting our customers
7. Contact Information
For security-related inquiries, please contact our security team at:
Email: info@puravidabooks.com
Mailing Address: Pura Vida Books, PO BOX 2002, Salinas, Puerto Rico, 00751-2001
8. Policy Updates
We may update this Security Policy from time to time. Significant changes will be communicated through our website.
By using our website, you agree to adhere to this Security Policy and support a safe online shopping experience for all customers.
Thank you for helping us keep Pura Vida Books a secure and trusted platform!