Security Protocols and Data Protection Policy

This document outlines the security measures and data protection protocols implemented by BuckDaddy concerning its payment gateway services and associated operations.

I. Security Posture of BuckDaddy

A. Foundational Commitment to Security. Security is paramount across all global industries, particularly within financial services. BuckDaddy prioritizes robust security measures as a fundamental operational imperative.

B. Compliance and Certification.

1. PCI DSS Level 1 Certification. BuckDaddy's Gateway Technology Partners are certified at Payment Card Industry Data Security Standard (PCI DSS) Level 1. The PCI DSS constitutes a comprehensive set of security standards designed to ensure that all entities involved in the acceptance, processing, storage, or transmission of credit card information maintain a secure environment. This standard is administered and managed by the Payment Card Industry Security Standards Council (PCI SSC), an independent body established by American Express, Discover Financial Services, JCB International, MasterCard, and Visa Inc. The PCI SSC is responsible for the maintenance, evolution, and promotion of Payment Card Industry Security Standards, alongside providing essential tools for their implementation, including assessment and scanning qualifications, self-assessment questionnaires, training, education, and product certification programs. Further information can be obtained from the PCI Security Standards Council via phone at +1-781-876-8855 or their website at www.pcisecuritystandards.org.
2. Enforcement of Security Policy and Guidelines. BuckDaddy's commitment to compliance and certification extends beyond mere documentation, representing an ingrained practice and operational philosophy. BuckDaddy employs dedicated security experts who actively promote international security practices, and are responsible for the design, oversight, and assessment of the information security posture of BuckDaddy, its partners, and its clients.

II. Secure Data Exchange

A. SSL (Secure Socket Layer) Implementation. BuckDaddy ensures secure application communications through the implementation of SSL (Secure Socket Layer) technology. BuckDaddy offers solutions via both web and mobile applications. SSL certificates are installed to facilitate secure data communication from client computers or mobile devices to BuckDaddy servers. For the issuance of these certificates, BuckDaddy has undergone comprehensive organizational validations to uphold the highest levels of trust and authentication for its users.

B. SSL Certificate Provider.The SSL certificates utilized by BuckDaddy are provided by Let's Encrypt. Let's Encrypt's certificates are trusted by virtually all major browsers and devices, offering free, automated, and open certificates for everyone. These certificates secure websites and servers with strong encryption. Further details are available from Let's Encrypt via their website at https://letsencrypt.org.

III. Data Privacy and Protection

A. Adherence to Privacy Regulations.Data privacy is recognized as a fundamental right by directive of applicable laws and local regulations. BuckDaddy adheres rigorously to principles designed to protect personally identifiable information and other sensitive data collected, stored, used, and destroyed across all forms through its services.

B. Access to Personal Information.For inquiries regarding access to or updates of personal information held by BuckDaddy within its powered products and services, please contact [email protected].

C. Published Privacy Policy.BuckDaddy's comprehensive Privacy Policy is publicly available at https://buckdaddy.net/privacy-policy.

D. Security of Cookies.BuckDaddy is committed to ensuring the security of all cookie-related information.

E. Published Cookie Policy.BuckDaddy's Cookie Policy is publicly available at https://buckdaddy.net/cookie-policy.

IV. Security and Privacy for Website Newsletter

BuckDaddy utilizes AWS SES (Amazon Web Services Simple Email Service) for its email distribution. By clicking the subscribe button, users acknowledge and consent to the processing of their personal information by AWS SES solely for email distribution purposes, in accordance with Amazon's privacy practices, which can be reviewed at https://aws.amazon.com/privacy/.