System Security

1. System Security

At NatureOil™, your data privacy and transaction security are our top priorities. Our store is built on Shopify’s highly secure infrastructure to provide you with peace of mind every time you shop with us.

2. Platform-Level Security
  • SSL Encryption: Our site uses 256-bit SSL encryption to protect all data in transit.
  • PCI DSS Compliance: Shopify is Level 1 PCI DSS certified to handle all payment transactions securely.
  • 24/7 Monitoring: Shopify’s security team monitors the platform continuously to detect and prevent threats.

3. Admin & Access Control
  • Two-Factor Authentication (2FA): All admin logins require 2FA for enhanced protection.
  • Role-Based Access: We assign specific access levels to staff based on their roles.
  • Login Activity Logs: Admin activity is logged and monitored to detect suspicious behavior.

4. Data Privacy & Protection
  • Encrypted Customer Data: Your information is securely encrypted both at rest and in transit.
  • Compliance with Data Laws: We follow GDPR and Singapore PDPA requirements.
  • Regular Backups: Shopify performs automated backups to ensure data can be restored if needed.

5. App & Integration Security
  • Verified App Usage: We only integrate with trusted apps reviewed by Shopify.
  • Secure API Keys: API access is limited, rotated regularly, and secured with proper tokens.
  • HMAC Verification: Webhooks are authenticated to prevent tampering.

6. Customer-Side Protections
  • Secure Checkout: All purchases are processed through Shopify’s secure payment gateway.
  • Fraud Detection: Orders are screened using Shopify’s fraud analysis tools.
  • reCAPTCHA Enabled: We use CAPTCHA on forms to prevent bots and spam.

7. Real-Time Monitoring & Alerts
  • Admin Alerts: Admins receive instant notifications of critical activities or changes.
  • Activity Audits: We routinely review backend logs for anomalies.
  • Optional Third-Party Protection: We enhance Shopify's built-in security with optional apps for added monitoring.

8. Incident Response Plan
  • Breach Containment: In case of a breach, we immediately isolate and contain affected areas.
  • Customer Notification: Affected customers will be informed promptly, if applicable.
  • Legal Compliance: We follow PDPA/GDPR protocols for breach disclosures and remediation.

If you have questions or concerns about our store’s security, please contact our support team at support@natureoil.com.