How Do I Protect My Customers' Privacy and Data?
You're right to be concerned. Different countries have different laws about how you should store and protect customers' private information, and it's up to you to make sure you're following the rules. There are a few basic things that you can and should do.
Always Use SSL For Transactions
SSL, or Secure Sockets Layer, provides security for transactions that travel over the internet. It works with the uploading/downloading process and your web server. Nearly all up-to-date browsers accept SSL certificates by default, notify users when they are entering or leaving secure areas, and show them (with a security icon) whether their data is being protected.
Here's how it works: When you connect to a web site using SSL, your browser asks the server to authenticate itself, or confirm its identity. The authentication process uses encryption to verify that a trusted independent third party, called a certificate authority (the most common are Thawte and VeriSign), has registered and identified the server. SSL can also authenticate connecting users or their computers.
SSL encrypts the user's data before it is sent, and incorporates a mechanism for detecting alteration in transit, so that eavesdropping on or tampering with web traffic is nearly impossible. This is critical for transmitting confidential information such as credit card numbers.
To use an SSL certificate on your website, you must register with the certificate authority and purchase a certificate which is then configured on your server (the computer space on which your website actually resides).
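Once the certificate is installed, you can confirm that it passes the same checks a browser makes. The script below is an added example, not part of the original page; the function names and the sample certificate for `shop.example` are constructed for illustration, and `check_site` needs a network connection while `summarize_cert` does not.

```python
import socket
import ssl
import time


def strict_context():
    """Client settings that mirror a browser: trust only certificate
    authorities in the system store and require the certificate to
    match the host name being visited."""
    ctx = ssl.create_default_context()
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # refuse legacy SSL/TLS versions
    return ctx


def summarize_cert(cert, now=None):
    """Reduce a certificate dict (the shape getpeercert() returns)
    to the facts a site owner should keep an eye on."""
    now = time.time() if now is None else now
    issuer = {k: v for rdn in cert["issuer"] for (k, v) in rdn}
    expires = ssl.cert_time_to_seconds(cert["notAfter"])
    names = [v for (kind, v) in cert.get("subjectAltName", ()) if kind == "DNS"]
    return {
        "issuer": issuer.get("organizationName", "unknown"),
        "names": names,
        "days_left": int((expires - now) // 86400),
        "expired": expires <= now,
    }


def check_site(host, port=443, timeout=5):
    """Connect the way a browser would. The handshake raises
    ssl.SSLCertVerificationError if the certificate is not signed by a
    trusted authority, has expired, or was issued for another name."""
    with socket.create_connection((host, port), timeout=timeout) as sock:
        with strict_context().wrap_socket(sock, server_hostname=host) as tls:
            return tls.version(), summarize_cert(tls.getpeercert())


# Constructed sample (not a real certificate) so this runs offline.
SAMPLE_CERT = {
    "issuer": ((("countryName", "US"),),
               (("organizationName", "Example Trust CA"),),
               (("commonName", "Example Trust CA R1"),)),
    "notAfter": "Jun  1 12:00:00 2030 GMT",
    "subjectAltName": (("DNS", "shop.example"), ("DNS", "www.shop.example")),
}

if __name__ == "__main__":
    print(summarize_cert(SAMPLE_CERT))
```

Run `check_site` against your own domain after installing or renewing a certificate; a low `days_left` value is the cue to renew before visitors start seeing browser warnings.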
Have a Privacy Policy
If you're taking private information from people such as their real name, address, even their email address, have a privacy policy available on your website that tells people what you will and will not do with that information. Then do what you said you were going to do. You're obligated!
Let Them Opt Out
If you're going to send occasional emails and updates to customers whose addresses you have previously collected, you must give them the option of opting out of those contacts. There's nothing wrong with sending an automated email to verify their address as part of the signup process, but beyond that, you should always give users the option of saying "no thank you" to further email from you. If you don't, you may be in violation of anti-spamming laws in the USA, the UK and other European countries, and Australia. Breaking these laws can not only land you in hot water legally, but your website can also be completely shut down by your host (the people that own the computers where your website lives) without notice.
Let The Bank Handle The Money
Another option: many banks have their own system for handling credit cards online, which can be integrated into your website. WorldPay.com is one such option. WorldPay is a system run by the Royal Bank of Scotland that handles all the credit card information with your customers for you, so you don't ever see a credit card number. This protects you from some liability, and also ensures that your customers are using an established and well-known security system to handle their money.
We can go over the many options for your online shop with you, and help you find the most secure way of handling the information you've been entrusted with.