1. Introduction

Vitaleux is committed to safeguarding the privacy and security of all users and customers interacting with our website. This policy outlines the security measures we take to protect personal data, prevent unauthorised access, and ensure a safe browsing and shopping experience on our platform.

2. Data Protection

• Encryption: All data transmitted between our website and users is encrypted using SSL/TLS protocols (RSA 2048-bit with SHA256). This ensures that sensitive information, such as payment details and personal information, is securely transmitted.
• User Data: We collect minimal personal data necessary to process orders, manage accounts, and provide customer support. This includes names, addresses, emails, and payment details. This data is stored in compliance with GDPR and other data protection regulations.
• Payment Information: Vitaleux does not store credit card information on our servers. All payment transactions are processed through secure, PCI-compliant payment gateways.

3. Access Control

• User Accounts: Customers are required to create strong passwords for their accounts. We encourage regular password updates and provide password recovery mechanisms that are secure and straightforward.

4. Security Monitoring and Threat Prevention

• Firewalls and Intrusion Detection: Our website is protected by advanced firewalls to block unauthorized access. Regular monitoring is in place to detect any suspicious activity or potential breaches.
• Malware Scanning: We conduct daily scans of our website for malware and other vulnerabilities. If a threat is detected, immediate corrective action is taken.

5. Incident Response

• Data Breach Response: In the event of a data breach, Vitaleux will take immediate steps to mitigate the impact. Affected users will be notified within 72 hours, and corrective measures will be implemented to prevent future occurrences.
• Backup Systems: We regularly back up all essential data to ensure business continuity in the event of a cyber attack or technical failure.

6. Customer Responsibility

• Password Security: We advise customers to use strong, unique passwords for their accounts and to avoid sharing login credentials with others.
• Suspicious Activity: Customers are encouraged to report any suspicious activity or unauthorized access to their accounts immediately so that we can take appropriate action.

7. Third-Party Services

• Shipping and Inventory: We use Veeqo to manage inventory and shipping. All third-party service providers comply with industry security standards and regulations to protect customer data.

8. Compliance

Vitaleux is fully compliant with the General Data Protection Regulation (GDPR) and other relevant privacy and data security regulations. We are committed to ensuring that all customer data is handled responsibly and securely.

9. Continuous Improvement

Security is an ongoing process at Vitaleux. We regularly review and update our security practices to address new threats and technologies, ensuring that our website remains secure for our customers.

10. Contact Information

If you have any questions or concerns about our security practices, please contact us at:
Email: customersupport@vitaleux.co.uk