We do not use vulnerability scanning.
An external PCI compliant payment gateway handles all credit card transactions. We use regular malware scanning.
Your PII is contained behind secured networks and is only accessible by a limited number of persons who have special access rights to such systems, and are required to keep the information confidential. In addition, all sensitive/credit information you supply is encrypted via Secure Socket Layer (SSL) technology.
We implement a variety of security measures when a user enters, submits, or accesses their information to maintain the safety of your personal information.
All transactions are processed through a gateway provider and are not stored or processed on our servers.
We do not sell, trade, or otherwise transfer to outside parties your PII except as specifically required for business purposes. However, we and our affiliates may disclose your PII:
Yes.
The Fair Information Practices principles form the backbone of privacy law in the United States and the concepts they include have played a significant role in the development of data protection laws around the globe. Understanding the Fair Information Practice principles and how they should be implemented is critical to comply with the various privacy laws that protect PII.
In order to be in line with Fair Information Practice principles, we will notify you within seven business days should a data breach occur.
We also agree to the Individual Redress Principle, which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
In order to be in line with Fair Information Practice principles, we will notify you within seven business days should a data breach occur.
We also agree to the Individual Redress Principle, which requires that individuals have the right to legally pursue enforceable rights against data collectors and processors who fail to adhere to the law. This principle requires not only that individuals have enforceable rights against data users, but also that individuals have recourse to courts or government agencies to investigate and/or prosecute non-compliance by data processors.
If at any time you would like to unsubscribe from receiving future emails, or otherwise exercise your rights with respect to your PII, you can email us at investor.relations@legacy-group.co and we will promptly remove you from all correspondence if so desired.