Security Policy
Introduction
We take security very seriously, yet we have to strike a balance between increased levels of security and making transacting with us convenient for you. We are Rental Connect (Pty) Ltd (registration number 2011/131109/07), also known as reOS, and this is our plan of action for safeguarding our website and your personal information from harm, such as unauthorised access, destruction, or loss. This plan describes our responsibilities, our disclaimers, your responsibilities, and has special provisions that deal with phishing and credit cards.
Our responsibilities
We will:
- host our website on a secure server that uses a firewall and other security measures to prevent unauthorised access to it;
- protect your information that we store in or process through our systems using encryption or other appropriate information security measures;
- ensure that links from our systems to third-party systems (such as our payment gateways) control are secure;
- backup all data on our systems so that we can recover it in case of data audits or disaster;
- log all access instances to our systems to better identify and resolve unauthorised access issues;
- use a payment gateway that is sufficiently secure (in terms of accepted technological standards at
the time of the transaction and the type of the transaction) and takes reasonable steps to secure your payment information.
Our disclaimers
Disclaimer. We will do our best to prevent our website and your information from being compromised and will help you resolve a security problem whenever we can. However, we are not responsible for compromises caused by:
- harmful code – entering our website, such as viruses, bugs, Trojan horses, spyware, or adware;
- your fault or your computer – problems or loss caused by your information you provide to us
(such as inaccurate personal information) or your computer being infected by harmful code or
otherwise compromised (such as being accessed by an unauthorised person or otherwise hacked); - factors beyond human control – such as fires, floods, or other natural disasters.
Third-party systems. Third parties are responsible for the security of information collected by, stored on, or passing through their systems, even if we link to those systems.
Your responsibilities
No compromise. You may not do (or let anyone else do) anything that might compromise our system.
Protect your credentials. If you create a username, password, or other credentials when you register on or submit information through our website, then you should take the following steps to secure those credentials:
- never share them with anyone;
- never send them via email; and
- make any passwords as strong as possible.
If you choose to share your credentials with anyone, we will not be liable for any direct or indirect damage you may suffer.
Recommended steps. You should take the following steps to secure your personal information:
- conduct awareness training or otherwise keep yourself and your personnel educated on security
best practices; - install security software on your device, including anti-virus, anti-spyware, and anti-spam
software; - regularly scan your device for viruses and other malicious software; and
- keep security software updated to ensure you are always running the latest version with the
latest definitions.
Additional steps. You could take the following steps for your own security:
- check your Internet browser’s security settings for ways to make your browsing more secure;
- make sure that you have entered secure pages when filling in your personal information; and
- log out after you have transacted electronically.
Phishing
Awareness. Be aware of ‘phishing’ attacks where criminals attempt to get your personal information by sending you an email, masquerading as an email from us, asking you to access your account or verify information through links in the email, or diverting you to a fake version of our website.
Legitimate URL. You must only log into our website from a legitimate URL associated with us that you know and trust, such as one based on our name that we have communicated to you in writing. Please be wary of phishing websites that use illegitimate URLs designed to trick you into thinking they are our website, such as by using common misspellings of our name, different domain suffixes, or other words associated with our business.
Confirmation through links. We will not generally ask you to confirm your credentials or other personal information by clicking on any links in an email other than in any email link we send you after registration, the first time you submit information through our website to verify your identity, or if you ask us to reset your credentials.
Reporting. Please report any suspected phishing attacks to us immediately by sending an email to security@reOS.co.za to prevent any harm to you or others.
Credit cards
Safe and secure. Transacting with us electronically (including transacting and using your credit card on our website) is safe and secure.
Payment processing. Our payment gateway handles all credit-card transactions on our behalf, uses the strictest form of encryption, and has their own security certificate and policy which you can view on their website.
Payment verification. A Certificate Authority (or CA) checks, verifies, and certifies our payment gateway’s company registration documents and domains to ensure that nobody can impersonate them to get your payment information.
Secure URL. Once you begin the payment process, your browser will establish a secure Internet connection with our payment gateway. You can see this when the website URL changes from ‘http’ to ‘https’ and a small padlock symbol appears.
General
Contact us. Please report any suspicious or unauthorised activity relating to your use of our website to us directly (hello@reOS.co.za), because it will help make our website as secure as possible.
Our right to take action. We may take whatever action we may deem necessary to preserve the security and reliability of our system.