Security: The Data We Don’t Keep

Posted on by Larry

There’s been a lot of news lately about security breeches and stolen user data. Which started me thinking, again, about our own security. No company – especially a small company – is perfectly safe from hackers. So, I decided to write to let you know what information we keep about our visitors and customers.

When I first started selling seminars and products I thought carefully about the whole issue of security. (I was reminded of the apocryphal quote from Willie Sutton: “I rob banks because that’s where the money is.”)

So what I decided to do was minimize the information our company keeps on file to minimize the risks if we were hacked. As a result, all our customer information is stored locally (inside our company) in a secure database on a server which can only be accessed when a staff member is physically in the office.

FOR WEBSITE VISITORS

There is software that allows us to learn personal information about our visitors. We are not using it, because I don’t like it. We track aggregate information so I that I can compile statistics like most popular articles or to discover which articles generate very little interest.

FOR ALL CUSTOMERS

FOR VIDEO TRAINING LIBRARY CUSTOMERS

FOR DOWNLOAD PRODUCT CUSTOMERS

FOR CUSTOMERS REQUIRING WE SHIP THEM PRODUCTS

FOR SEMINAR ATTENDEES

FOR WEEKLY NEWSLETTER SUBSCRIBERS

CREDIT CARD PROCESSING

All of our credit card payments are handled by a separate company that specializes in credit cards. (These companies are called “Credit Card Processors” and are governed by the credit card companies themselves.) We also abide by all the financial security rules required by both the credit card processor and the credit card issuers themselves.

As part of these requirements, we are not legally allowed to keep credit card numbers or expiration dates on file. So, we don’t. This is why, when there’s a problem with your account, we need to contact you to get your card number so we can fix it.

All recurring billing for our Video Training Library subscribers is handled either by our credit card processor or PayPal, depending upon what you used when you first signed up.

And, for those times when we are working to resolve a technical issue and you give us a credit number to keep on file, we will only retain that card number as long as the issue is unresolved. As soon as the case is closed, we remove your card number from our records.

SUMMARY

Security is an ever-present concern, and we are always looking for ways to improve the security of our websites and financial processes. Because of this, I wanted to tell you what we are doing and the information we keep so that the only person that needs to stay awake at night worrying about this is me.

Thanks.

Larry


Bookmark the permalink.

One Response to Security: The Data We Don’t Keep

  1. Lou Hemsey says:

    Larry:
    Excellent presentation of your data policy. For me, I think it is extremely responsible and wish other companies would adopt a “only the bare minimum necessary” type of policy.

    Best, Lou Hemsey
    Lou Hemsey Music and Film
    H Entertainment inc

Leave a Reply

Your email address will not be published.

Larry Recommends:

FCPX Complete

NEW & Updated!

Edit smarter with Larry’s latest training, all available in our store.

Access over 1,900 on-demand video editing courses. Become a member of our Video Training Library today!

JOIN NOW

Subscribe to Larry's FREE weekly newsletter and save 10%
on your first purchase.