Securing Your Data – SkyFall Meteorites
Translate: EN
Create Account

Securing Your Data

We are not a big box retailer, but we take security just as seriously as they do – perhaps even more so.  This site has security measures in place to protect against the loss, misuse and alteration of the information under our control.  We follow security standards, processes and procedures that are designed to oversee the effective and secure processing of your personal data data and improve your shopping experience.  Your personal data is processed by our staff in the USA. Please review the policy below carefully as well as  our Privacy Policy and Website Terms of Service.

First and foremost,  SkyFall Meteorites does not retain any personally identifiable financial data such as credit card numbers. We use PayPal, a PCI-DSS compliant third-party payment gateway to process transactions, and as such the payment processor manages all your financial data.

By visiting www.skyfallmeteorites.com, you are accepting the practices and limitations described in our Privacy Policy, Security Policy and Website Terms of Service.

Last material change to the Privacy Policy was made Oct. 18, 2019.

Definitions

  1. Processing:  Any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
  2. Data subject: A  natural person whose Personal Data is being Processed.
  3. Personal Data: As we have clients located around the world, SkyFall Meteorites has integrated the European Union’s  GDPR policies and requirements within the relevant aspects of its Privacy Policy and Security Policy. Furthermore, SkyFall Meteorites has adopted the GDPR definition for “Personal Data” stating:

Personal Data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.

Hacking & Fraud Prevention

Hosting Provider

SkyFall Meteorites uses the USA-based hosting provider called Digital Ocean. In order to provide our clients with high performance and excellent security, we are using their cloud-based Virtual Private Server, also based in the USA, with their baseline firewall called an Uncomplicated FireWall (UFW).

External Website Security Measures

SkyFall Meteorites has deployed external and independent website security measures powered by Sucuri. This service features the following security measures:

  1. Scans website every 12-hours to detect and, when needed, remove malware.
  2. A Web Application Firewall (WAF) from our hosting provider, inspects incoming data and automatically removes malicious code before it can infect our site and prevents DDoS attacks.
  3. Prevents brute force attacks on passwords by stopping hackers from executing scripts that run through every password combinations.
  4. Implements additional security countermeasures such as injection prevention, cross-site scripting (XSS) prevention and zero day prevention.

Internal Website Security Measures

SkyFall Meteorites employs a suite of modules, addons and features built into the website to further reduce hacking attempts and minimize fraudulent transactions.

  1. Certain countries and regions are known to present a high risk for fraud and hacking. We block the IP addresses from those areas and prevent them from ever accessing the website. Blocked IP addresses will be added or removed as needed.
  2. We integrate Google reCAPTCHA service into our forms to protect our site from spam and abuse. It uses advanced risk analysis techniques to tell humans and bots apart.
  3. We use industry-standard Secure Sockets Layer (SSL) encryption technology to keep internet connection secure and safeguarding any sensitive data that is being sent between our site and another system like for example, 1. our website and your browser or 2. our payment gateway and the payment processor. There are visual cues on your browser to verify that our website is protected by SSL. First, you can check that our complete web address starts with “https://” rather than “http://”. That extra “s” stands for secure. Second, the  secure connection is indicated by the presence of a padlock icon just to the left of the web address.
    Note that the text “Cookies (61 in use)”, represents all the cookies in use across all the websites we had open at the time of the screen capture. The actual number of cookies used by the www.skyfallmeteorites.com website is far less than 61.
  4. We ensure that the SSL certificate is valid and encryption is in operation. To verify, a user may click on the lock symbol, then click “Certificate” to view the certificates details including the valid dates and issued party (skyfallmeteorites.com).  

Security Breach Notification

We want you to feel confident and secure in all your interactions with SkyFall Meteorites and our website. As discussed above, we are focused on securing your personal data. However, the internet is a global communications vehicle open to threats, viruses and intrusions from others and so we can never guarantee, nor should you expect, that we will be able to protect your Personal Data at all times and in all circumstances.  If you have an account with us, note that you must and are expected to keep your username and password secret.

In the unlikely event that our security is ever compromised and your personal information is accessed, SkyFall Meteorites will notify you in a timely manner, as per GDPR guidelines within 72 hours of the event being detected. As stated above, SkyFall Meteorites does not store any financial data like credit card numbers. Therefore, any potential breach of our website would be limited to non-financial Personal Data such as your name, physical address, email address, phone numbers and other Personal Data that may have been entered as part of registrations, subscriptions, and purchases.

Changes to this Policy

We reserve the right to modify this policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it.  It is the user’s responsibility to check this page periodically for changes. The user’s continued use of or access to the website following the posting of any changes constitutes acceptance of those changes.

If our website is acquired or merged with another company, your information may be transferred to the new owners in order to continue selling products to you.

Questions and Contact information

If you would like to view, edit or delete any of your information we have accessible, or simply want more information regarding our policies email us at privacy-security@skyfallmeteorites.com.

New Account

Password Strength Very Weak
Lost your password? Please enter your username or email address. You will receive a link to create a new password via email.