ArchPrint Security Policy to its Customers
ArchPrint takes the necessary safety measures to protect your personal and credit card information. The ArchPrint store is hosted on a secure server that encrypts connections between your computer and our server using the industry-standard encryption technologies SSL (Secure Socket Layer) and HTTPS (Hypertext Transfer Protocol Secure).
Our URL addresses start with "HTTPS" rather than "HTTP" whenever your credit card information is shown, and a locked padlock icon will appear in your status bar to let you know that the connection is safe and SSL encryption is being used. During the order's processing, your credit card information will be given to your credit card company. You can be confident that we have validated our identity and are securing your information because our website has been authenticated with an SSL certificate.
You will be requested to enter contact and billing information when placing an order online through our shop. This information will only be used to complete your order if you decide not to register an account with ArchPrint.
You will get an order confirmation email from ArchPrint after placing an order. Your name, billing address, phone number, and email address will be listed on the order confirmation email. Your payment card information will never be requested by our customer service team through any form of communication, including phone calls and emails.
We have been working with renowned payment gateway providers to ensure the highest possible level of security for our online store transactions. Below are the features of our payment gateway system:
Security Policy Procedures enforced by ArchPrint
1 Policy Declaration
ArchPrint shall adopt and adhere to well-defined and tried-and-true plans and procedures in order to maintain the integrity, availability, and authenticity of its website and all information contained therein as well as to meet the enterprise's business objectives and ensure the continuity of its operations.
The website of a company serves as its portal to the outside world.
The information on the website is taken to be genuine declarations from the organization's administration.
It is crucial to keep the website's integrity and accessibility by publishing only verified material.
The Website Security Policy lays out guidelines for maintaining the reliability, accessibility, and validity of the ArchPrint website.
3. 1 Employees at Arch Print
All full-time staff, part-time staff, trainees, VIP clients, and other guests are subject to this.
Website Security Policy and associated procedures and guidelines shall be included in the Website Security Policy documents.
3.3 Document Management
All other papers referred to in the Website Security Policy document shall be controlled. The purpose of version control is to maintain both the most recent release and the previous version of any document. For legal and knowledge preservation purposes, the prior version of the documents must only be kept for two years.
Records created in accordance with the Website Security Policy must be kept for two years. Records must be kept in hard copy or on digital media. The records must belong to the appropriate system administrators and must undergo an annual audit.
3.5. Maintenance and Distribution
All personnel included in the scope must have access to the Website Security Policy document. The individuals affected must have access to all updates and revisions to this document. The PIC and website administrator are responsible for updating the Website Security Policy document.
The Website Security Policy document must be marked as "confidential" and given to the appropriate people with appropriate access controls. This document shall be managed in all subsequent revisions and versions.
The correct application of the Website Security Policy is the responsibility of the designated personnel and website administrator.
The guidelines established for maintaining the website's security are as follows:
The website must be created and maintained in accordance with all applicable Government of Malaysia regulations.
If a web application or internal link needs user identity before processing, or if accessed data has been designated as "sensitive" and needs additional authorization, the user must register for secured access to the website.
The information must be gathered for statistical purposes in order to make site maintenance easier. Summarized usage statistics will be compiled by ArchPrint using software, which can then be utilized to determine what content is most pertinent to users. The information gathered in this way can be utilized to identify system performance, provide technical design requirements, or locate issue areas.
Any attempts to identify specific users or their usage patterns must be avoided, save from authorized security investigations and data collecting. According to schedules established by the web administrators, accumulated data logs will be regularly deleted.
Unauthorized efforts to upload data or modify website content are strictly forbidden and may be subject to legal repercussions under applicable cyber laws.
Only employees, clients, customers, and vendors with legitimate business reasons to access such data will be permitted access to sensitive or proprietary company information on the websites. Everyone who registers on the website and is given security access will have a user name (referred to as the User ID). The user who registered a User ID is accountable for all activities taken with that ID.
It is forbidden for users who have access to password-restricted content on the website to divulge or share their credentials with any other parties. If a User ID or password is misplaced or stolen, or if the User thinks someone not authorized has learned it, the User will tell ArchPrint right away.
If there is any doubt as to whether a particular User ID or password was used in conjunction with a given action, ArchPrint's records shall be final and decisive.
Uploading information or documents to social networking sites requires proper authorization from the relevant authority and the use of designated, vetted individuals.
7 Enforcement of the ArchPrint's Security Policy
Any employee who is found to have violated this policy may face disciplinary action in accordance with the HR Policy and in accordance with compliance with Malaysian laws and regulations.