PRIVÉPASS Information Security Policy

PRIVEPASS (THAILAND) LIMITED, its holding company and its affiliates (together as PRIVÉPASS) respect your concerns about information security. PRIVÉPASS is committed to protecting the security of the information we collect and maintain about our most important asset - our customers.

How we protect information about our customers

Industry-standard SSL (Secure Sockets Layer) encryption is always used to protect your purchase information while in transit.
Stored credit card information is always encrypted and maintained in an environment that has been certified as PCI DSS compliant by a qualified security assessor.
PRIVÉPASS website is constantly scanned and validated to verify application and network security.
All internal security standards, policies and practices are frequently reviewed and improved based on the current industry security practices.

Information security tips for protecting yourself

Never share your user ID or password. Anyone who holds your account login information can access your account and make a purchase without your permission.
Create a secure password. We would suggest that you choose a password that is at least seven characters and includes a mix of letters, numbers and special symbols.
Avoid using easily identifiable information in your password, such as your name or email address. .
Be cautious about using a public computer, as it may contain keylogger software designed to steal your login credentials. If you do decide to use a public computer to shop on the PRIVÉPASS website, do not forget to sign out from the website when you have finished using the public computer.

Email security

Emails can contain malware. You should not divulge any personal information or install any software on your computer through email; even if that email appears to be from someone you know and trust.
Install antivirus and firewall software on your computer to help protect yourself from scams and viruses.
PRIVÉPASS will never initiate the request for your account password or any other sensitive account information, such as your credit card details.
If you contact PRIVÉPASS Customer Support, we may verify your identity by asking for non-critical information, such as your account user name, shipping address or past order information.
If you have received a suspicious email that appears to have come from PRIVÉPASS or have concerns about an email request you have received from PRIVÉPASS, please forward the email to info@privepass.com.

On the phone

When you call PRIVÉPASS Customer Support, we may verify your identity by asking for information such as your current shipping address, order information or the last four digits or expiration date of the credit card we have on file for your account..
Under no circumstance will any PRIVÉPASS Customer Support or other PRIVÉPASS staff ask for your full credit card number or account password.

SSL Certificate

When you go to Login or Check Out pages on the PRIVÉPASS website, you will notice the closed lock icon at the top or bottom of your browser or the “HTTPS://” prefix in the URL. This means you have established a secure SSL connection and that all data transmitted through this connection will be encrypted. If you are receiving SSL Certificate errors when accessing the PRIVÉPASS website, that means that the domain name in the SSL certificate does not match the address that is in the address bar of the browser. Alternatively, it may mean that yourbrowser is misconfigured and does not accept the root certificate used by PRIVÉPASS. Please contact info@privepass.com. if you encounter this error.

Fraud

If you suspect that any account information has been compromised or fraudulent charges have been made on your PRIVÉPASS account, please contact Customer Support immediately for assistance by emailing info@privepass.com. Or calling:

The US: 1-800-934-4073
China: 4008-210171 (Toll free)
Hong Kong: 800-906-183 (Toll free)
Singapore: 800-852-3840 (Toll free)
Thailand: +66 2-637-7991

Updates to this Information Security Policy

This Information Security Policy may be updated periodically and without prior notice to you to reflect changes in our information security practices. We will post a prominent notice on our websites to notify you of any significant changes to our Information Security Policy and indicate at the bottom of the policy when it was most recently updated.

Historical modifications

None