Keeping our customers' data secure is very important to us. With a background in infosec, we go to considerable lengths to keep you and your data safe online.
We want to share some of the details of what we do to keep things secure. This is not exhaustive (some things we want to keep secret) but here are a few things we do:
1. SSL Certificate.
Secure Sockets Layer (SSL) is a security level for protecting transmitted information between a server and a 'user's browser.
SSL certificate ensures users to confidently enter private information such as account login data, or credit card numbers. SSL secures data from third-party services as well as Internet hackers. Note that Google blocks sites, that do not support SSL, and provides protected sites with a better search engine ranking.
wildthings.club is an encrypted website, so the official website starts with HTTPS.
2. We do not store payment details.
Your credit card data is not seen, processed or stored in any way by Wild Things.
Wild Things is not in the business of storing or processing payments. All payments made to Wild Things go through our partner, Stripe. Stripe is arguably the industry leader in online payment solutions with extremely robust security measures.
If you choose to save your card details to your Wild Things account, whilst we display the last four digits in your dashboard to you, we aren't actually storing them. We're securely requesting them from Stripe as you load the page. Clever huh.
3. Codebase Security.
We follow best practise when developing the codebase for wildthings.club, and frequently roll out updates to the underlying languages and infrastructure.
We also perform regular audits and static code analysis of our codebase.
4. Data Security.
Our infrastructure and data is hosted by Amazon Web Services facilities in Australia, who offer world class security and compliance.
For a further layer of security, database content (names, email addresses etc) is fully encrypted at rest - so even if someone gains access to our database, much of the data would be useless to them.
There's a heap of other things we do, but I am going to keep that a secret, for even better security. Like not telling would-be burglars what model alarm you have...
5. Your Security.
If your account profile is set to Visible, only other active VIP Members who also have their profile set to Visible can see your profile page. You can also control your profile visibility within your account settings.
Your Strava data, activities and routes are not shared or seen by any other members. If you set a Strava activity to Private, we will also delete any data we have received for that activity.
If you reach out to our team, sometimes you might find we ask a few extra questions before actioning a request. Yup, this can be frustrating, but we're doing it to protect you and your account.
If you're chatting to us via our Live Chat, we're also doing some clever HMAC authentication in the background.
We need to make sure it's actually you π
6. Ongoing enhancements.
We are actively looking at supporting Two-factor Authentication (2FA) on accounts, along with passwordless, and SSO login.
You are probably also interested in checking out our Cookie Policy and Privacy Policy too.
If you have any questions or concerns, please contact us.