This site uses state-of-the-art
digital encryption and security technologies to protect the privacy and security
of our member information and has specific security measures in place to protect
the loss, misuse and alteration of the information under our control.
All data passing from your
computer to PartingWishes.com is authenticated and encrypted using 128-bit
Secure Socket Layer (SSL) encryption using technologies provided by Thawte
Corporation. This is the most advanced level of
encryption available today, and it means that any information sent from your
computer is scrambled in a way which makes it completely unintelligible if
intercepted. When you are on a secure section within the PartingWishes.com site
(i.e. after you have logged in as a member), a padlock will appear at the bottom
of your web browser's screen. This is your assurance that the encryption is in
place and that you are communicating across a secure link. To verify the
validity of our web site's SSL encryption certificate, click on the Thawte
graphic which appears on every one of our secure pages.
We do not store any
of your credit card information. All credit card
transactions are processed through a third party secure gateway, and the
information your provide is only used for making the current transaction.
No information about your or about your credit card is ever stored on our web
site, in our databases, on our web servers, or on the secure gateway server.
All sensitive
personal information is stored in a highly encrypted format on our server.
We use an industry standard high security streaming-encryption algorithm known
as "RSA" to encrypt all sensitive personal information before it is stored
online. RSA is a public-key cryptosystem developed by MIT professors Ronald
Rivest, Adi Shamir and Leonard Adleman. (To give you a feeling for the level of
security provided by this encryption, it has been estimated that with the most
efficient algorithms known to date, it would take a computer operating at 1
million instructions per second over 300 quintillion years to break the
encryption.) Also, the encryption method used ensures that the only way
possible to access and view the sensitive personal information stored here by a
PartingWishes.com member is by using a private internal encryption key which is
unique for every member. Our software algorithms ensure that the
encryption and decryption of a member's sensitive personal information can only
be performed by the member themselves, or by those designates to which the
member has provided a separate unique key known as a "Keyholder® ID". It is
not even possible for the operators of this web site to decrypt a member's
sensitive personal information without knowledge of this encryption key.
As an additional security measure, all successful and
unsuccessful attempts to login to a member's account are logged in our database
along with date/time stamps, IP addresses, and other detectable information from
the user. This information will be used for law enforcement purposes and
for the protection of our members should there be any suspicion of unauthorized
access to our database.
Furthermore, we offer members the option of receiving an email
alert message whenever their sensitive personal information is accessed,
or attempted to be accessed, using a valid key. If unauthorized access is
suspected, clicking a link within the email will immediately disable access to
the member's sensitive personal information for that key, until the member
re-enables the access themselves, or until we are contacted by the member and
provided with specific information validating their identity.
To protect against catastrophic
data loss, daily backups are performed on each of our servers to separate
locations in Canada and the U.S. Hence, if any one of our servers experienced
technical difficulties, our member data would not be at risk.
We also employ a number of physical security mechanisms to
ensure the physical protect of your information. Physical protection of our
systems includes:
 |
Fire detection and fire
suppression systems with dry pipe pre-action sprinkler systems
|
|
N + 1 redundant power supplies,
providing dual power feeds and backup batteries, water coolant systems and
generators
|
|
N + 1 redundant climate
control, providing primary and backup chiller units, cooling towers, and water
storage
|
|
Local network operations center
(NOC) for monitoring all data center operations
|
|
24x7 monitoring and support of
network connection and server availability
|
|
24x7 uniformed guard service
with interior and exterior closed-circuit television surveillance
|
|
Electronic access at all data
center entrances, including biometric hand scanners
|
|
Electronic key management
systems and individually keyed cabinets
|
