PCI Compliance

We run quarterly scans and maintain PCI compliance verified by Comodo.

Secure Site Protocol

All user and internal access to data is through a secure HTTPS connection verified with a Comodo security certificate.

Guest Data Protection

ROX360 understands the concerns about data protection in the current climate and an individual's rights over their personal data. To provide the peace of mind our partners expect, we implement the following procedures.

1) 2 weeks after checkout, we remove the guest name, email and phone number from their reservation record and contact record in both our system and our CRM. We do retain a record of ROX360 communication with our guests via email or text for your guests' protection, posterity and performance monitoring.

2) We implement strict procedures regarding all our systems access, employ malware protection, and utilize hard firewalls.

While one can never guarantee 100% protection, ROX360 takes an active interest in protecting your guests' data.

General Data Protection Regulation (GDPR)

This regulation does not apply directly to ROX360, as our business is conducted and based outside of EU countries and we do not specifically target the selling of goods and services to customers or businesses in the EU. However, we are watching the regulation and how it may affect us in the future. At this time, we believe our security and privacy practices are in line with or above those of similar US companies.

General Hacking and Malicious Attack Protection

ROX360 maintains on-server security software that prevents denial of service attacks, unauthorized access, malware and defacement.

Online Payment/Refund Transactions

Secure online payments, refunds, etc. are made through Authorize.net using the Authorize.net SDK, with SSL verification required for transactions.

Server Security & Backups

We utilize dedicated servers and run regular off-site backups. We do not share server access or resources with any third parties.

We run Ubuntu Linux servers that are extensively hardened and tested against security exploits. All unnecessary services are disabled, all security patches are up to date, and servers are audited regularly for attempted break-ins. Our systems administrators actively maintain awareness of new security developments, and as open source systems, our Ubuntu servers are easy to update with new protections.

Our network is overbuilt with spare capacity and redundancy. Our custom network monitoring systems ensure that attacks and other anomalies are identified and responded to promptly.

Sensitive Data Storage

We do not store a full credit card number in our database, though the user does enter it when ordering.

Sensitive Data Access

All access to user data is password protected, and user access is controlled. All administration takes place via a secure HTTPS connection.

Email Blacklist Monitoring

ROX360 utilizes services such as MX Toolbox to monitor 94 known blacklists for our email sending initiatives.