Security Policy for Duty Free Cigs UK

  1. Introduction
    At Duty Free Cigs UK, we prioritize the security of our customers’ personal information and ensure that our data protection measures are robust and compliant with relevant regulations. This security policy outlines our practices and commitments to safeguarding your data.
  2. Data Protection Measures
    We implement a comprehensive set of security measures to protect your personal information, including:
  • Encryption: All sensitive data, such as payment information, is encrypted using industry-standard encryption protocols to prevent unauthorized access.
  • Access Controls: We enforce strict access controls to ensure that only authorized personnel can access your personal information. This includes role-based access and regular audits of access permissions.
  • Secure Data Storage: Your data is stored in secure facilities with physical and electronic security measures in place to protect against unauthorized access, theft, or destruction.
  • Regular Security Audits: We conduct regular security audits and vulnerability assessments to identify and mitigate potential risks to your data.
  1. Incident Response
    In the event of a security incident, we have a well-defined incident response plan to minimize the impact and notify affected individuals promptly. Our response plan includes:
  • Incident Detection and Reporting: We use advanced monitoring tools to detect and report security incidents in real-time.
  • Incident Containment and Eradication: Our team works to contain and eradicate the incident, preventing further damage.
  • Notification: We will notify you and relevant authorities if your personal information has been affected by a security breach, in accordance with legal requirements.
  1. Third-Party Security
    We ensure that our third-party service providers adhere to our security standards and protect your personal information. We conduct due diligence and regular reviews of their security practices to maintain the integrity of your data.
  2. Employee Training
    Our employees undergo regular training on data protection and security best practices. This ensures that everyone involved in handling your personal information is aware of their responsibilities and the importance of maintaining security.
  3. Compliance and Standards
    We comply with relevant data protection regulations, including the General Data Protection Regulation (GDPR), and adhere to industry standards to ensure the security of your personal information. We regularly review and update our security policies to reflect changes in technology and regulations.
  4. User Responsibilities
    While we implement robust security measures, we also encourage our users to take responsibility for their data security. This includes:
  • Using strong, unique passwords and changing them regularly.
  • Keeping personal information up-to-date and accurate.
  • Being cautious of phishing attempts and other social engineering tactics.
  1. Contact Information
    If you have any questions or concerns regarding our security policy, please contact us at:
    info@dutyfreecigs.is
    We are committed to addressing any issues or inquiries you may have. This security policy is designed to complement our privacy policy and provide a comprehensive approach to data protection and security.