First and foremost, The GMA does not retain any personally identifiable financial data such as credit card numbers. We use PCI-DSS compliant third-party payment gateways to process transactions, and as such the payment processor manages all your financial data.
- Processing: Any operation or set of operations which is performed on Personal Data or on sets of Personal Data.
- Data subject: A natural person whose Personal Data is being Processed.
Personal Data means any information relating to an identified or identifiable natural person. An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.
Hacking & Fraud Prevention
The GMA uses the USA-based hosting provider called Digital Ocean. In order to provide our clients with high performance and excellent security, we are using their cloud-based Virtual Private Server, also based in the USA, with their baseline firewall called an Uncomplicated FireWall (UFW).
Internal Website Security Measures
The GMA employs a suite of modules, addons and features built into the website to further reduce hacking attempts and minimize fraudulent transactions.
Certain countries and regions are known to present a high risk for fraud and hacking. We block the IP addresses from those areas and prevent them from ever accessing the website. Blocked IP addresses will be added or removed as needed.
We integrate Google reCAPTCHA service into our forms to protect our site from spam and abuse. It uses advanced risk analysis techniques to tell humans and bots apart.
We use industry-standard Secure Sockets Layer (SSL) encryption technology to keep internet connection secure and safeguarding any sensitive data that is being sent between our site and another system like for example, 1. our website and your browser or 2. our payment gateway and the payment processor. There are visual cues on your browser to verify that our website is protected by SSL. First, you can check that our complete web address starts with “https://” rather than “http://”. That extra “s” stands for secure. Second, the secure connection is indicated by the presence of a padlock icon just to the left of the web address.
The actual number of cookies used by the www.gmeta.org website will vary.
We ensure that the SSL certificate is valid and encryption is in operation. To verify, a user may click on the lock symbol, then click “Certificate” to view the certificates details including the valid dates and issued party (www.gmeta.org).
Security Breach Notification
We want you to feel confident and secure in all your interactions with the GMA and our website. As discussed above, we are focused on securing your personal data. However, the internet is a global communications vehicle open to threats, viruses and intrusions from others and so we can never guarantee, nor should you expect, that we will be able to protect your Personal Data at all times and in all circumstances. If you have an account with us, note that you must and are expected to keep your username and password secret.
In the unlikely event that our security is ever compromised and your personal information is accessed, the GMA will notify you in a timely manner, as per GDPR guidelines within 72 hours of the event being detected. As stated above, the GMA does not store any financial data like credit card numbers. Therefore, any potential breach of our website would be limited to non-financial Personal Data such as your name, physical address, email address, phone numbers and other Personal Data that may have been entered as part of registrations, subscriptions, and purchases.
Changes to this Policy
We reserve the right to modify this policy at any time, so please review it frequently. Changes and clarifications will take effect immediately upon their posting on the website. If we make material changes to this policy, we will notify you here that it has been updated, so that you are aware of what information we collect, how we use it, and under what circumstances, if any, we use and/or disclose it. It is the user’s responsibility to check this page periodically for changes. The user’s continued use of or access to the website following the posting of any changes constitutes acceptance of those changes.
If our website is acquired or merged with another organization, your information may be transferred to the new owners in order to continue selling products to you.
Questions and Contact information
If you would like to view, edit or delete any of your information we have accessible, or simply want more information regarding our policies email us at firstname.lastname@example.org.