Security & Fraud

Effective Date: December 13, 2024
Company Name: Nerfeuo

At Nerfeuo, your security and privacy are our top priorities. We implement multiple layers of protection to ensure your shopping experience is safe, secure, and fraud-free.

Website Security

Our website is protected by SSL encryption (Secure Socket Layer) technology, which ensures that all sensitive data (such as credit card details, passwords, and personal information) is securely transmitted between your browser and our servers.

Your data is hosted on Shopify's secure infrastructure, with robust protections in place to prevent unauthorized access.

Fraud Prevention

We actively monitor and prevent fraudulent activity through:

  • Trusted Payment Partners: All transactions are processed securely via Shopify Payments (powered by Stripe), PayPal, Visa, and MasterCard – each with built-in fraud detection protocols.
  • Suspicious Activity Monitoring: We review all orders and account behavior. In case of irregularities, we may contact you to confirm the transaction.
  • IP and Location Tracking: For your safety and ours, we may log IP addresses to detect unusual activity and enforce regional protections.
  • Age Verification: As our services are restricted to customers 18 years and older, we may verify age to prevent unauthorized purchases.

Your Responsibility

To further protect yourself:

  • Keep your devices and browsers updated and virus-free.
  • Never share your login or payment information with third parties.
  • Use strong, unique passwords for your account.
  • Log out of your account when using shared or public computers.
  • Report any suspicious emails, orders, or account activity via the contact form on our Contact Us page.

Data Protection

We fully comply with:

  • GDPR (General Data Protection Regulation) – for users in the EU and UK
  • CCPA/CPRA (California Consumer Privacy Act) – for California residents
  • PIPEDA (Personal Information Protection and Electronic Documents Act) – for Canadian users
  • Privacy Act 1988 – for customers in Australia
  • State Privacy Laws – for other US states with applicable privacy legislation

We do not sell or share your personal information with unauthorized third parties. See our Privacy Policy for more details on how your data is collected, used, and protected.

Payment Security

Secure Payment Processing

  • PCI DSS Compliance: All payment processing meets Payment Card Industry Data Security Standards
  • Tokenization: Credit card information is tokenized and never stored on our servers
  • 3D Secure: Additional authentication layer for credit card transactions when available
  • Encryption: All payment data is encrypted both in transit and at rest

Accepted Payment Methods

We only work with trusted, secure payment providers:

  • Shopify Payments (powered by Stripe) - Industry-leading security standards
  • PayPal - Buyer protection and secure processing
  • Major Credit Cards (Visa, MasterCard, American Express) - With built-in fraud protection

Account Security

Account Protection Measures

  • Secure Login: HTTPS encryption for all login attempts
  • Session Management: Automatic logout after periods of inactivity
  • Account Monitoring: Tracking of login attempts and account changes
  • Email Notifications: Alerts for important account activities

What We Monitor

  • Multiple failed login attempts
  • Unusual ordering patterns
  • Geographic inconsistencies
  • High-value or bulk purchases
  • Suspicious payment methods

Incident Response

If You Suspect Fraud

If you suspect a fraudulent charge or unauthorized order:

  • Contact us immediately through the form on our Contact Us page
  • Provide details including order numbers, dates, and nature of concern
  • Preserve evidence such as emails, screenshots, or transaction records
  • Monitor your accounts for additional suspicious activity

Our Response Process

  • Immediate Investigation: We will investigate and respond within 24-48 hours
  • Account Security: We may temporarily restrict account access if necessary
  • Resolution: Valid claims will be handled according to our Refund & Return Policy
  • Prevention: We implement additional safeguards to prevent similar incidents

Third-Party Security

Service Provider Security

All our third-party partners maintain high security standards:

  • Shopify: SOC 2 Type II certified, PCI DSS Level 1 compliant
  • Stripe: PCI DSS Level 1 certified, bank-level security
  • PayPal: Advanced fraud protection and buyer security programs
  • Google Analytics: GDPR and privacy-compliant data processing

Data Sharing Limitations

We only share necessary information with trusted partners for:

  • Payment processing and fraud prevention
  • Order fulfillment and shipping
  • Customer support and communication
  • Legal compliance and regulatory requirements

Security Best Practices

For Customers

  • Strong Passwords: Use unique, complex passwords
  • Two-Factor Authentication: Enable when available
  • Secure Networks: Avoid public Wi-Fi for purchases
  • Regular Monitoring: Check account statements regularly
  • Software Updates: Keep devices and browsers current

Our Commitments

  • Regular Security Audits: Ongoing assessment of our security measures
  • Staff Training: Regular security awareness training for all employees
  • Incident Planning: Prepared response procedures for security events
  • Compliance Monitoring: Staying current with security regulations and standards

Status Updates During Security Incidents

In the event of a confirmed security incident, we will communicate directly via email with affected customers. Updates will include the incident status, recommended actions, and final resolution details.

Law Enforcement Cooperation

In confirmed cases of fraud or illegal activity, we are legally required to share relevant information with the appropriate authorities

Changes to This Policy

We may update this Security & Fraud Policy periodically to reflect:

  • Improvements in our security practices
  • Changes in legal requirements
  • New fraud prevention technologies
  • Updates to third-party service security standards

Any updates will be posted on this page with an updated "Effective Date." It is your responsibility to review this policy regularly.

Contact Us

Have questions or concerns about your security? Please reach out to us via the contact form on our Contact Us page.

For urgent security matters:

  • Use the subject line "SECURITY URGENT" in your contact form
  • Provide as much detail as possible about your concern
  • We prioritize security-related inquiries and aim to respond within 24 hours

We are here to help and to make sure your experience with Nerfeuo is safe and trustworthy.

This Security & Fraud Policy should be read in conjunction with our Privacy Policy, Cookie Policy, and Terms of Service.