TRUST CENTER

Security, privacy, and compliance

What we actually do to protect your data and your customers' payment details — and where to report a problem.

Security

Card data never touches us

Payments run through Stripe's hosted elements. We store only the resulting token, never the card number.

AVS & CVV matching

Address and security-code verification runs on every charge. Mismatches stop the transaction before it authorizes.

Velocity limits

More than three card attempts from one IP in 60 minutes triggers an automatic hold, not a silent decline.

Encryption in transit & at rest

All traffic is served over TLS. Stored customer records use AES-256 encryption at rest.

Access control

Internal systems use role-based access — staff see only the data needed for their function.

Backups

Product and order data is backed up daily, with backups retained on a rolling 30-day window.

Compliance

PCI-DSS

We rely on Stripe's PCI-DSS Level 1 certified infrastructure for card processing; we never ingest raw PANs.

UK GDPR

We process personal data under UK GDPR as data controller for account and order information. See our privacy policy below for your rights.

Subprocessors

Stripe (payments), and our hosting provider, process data on our behalf. A full subprocessor list is available on request.

Cookie policy

We use essential cookies to keep you signed in and, with consent, analytics cookies to understand site usage. No advertising cookies.

Accessibility

We aim to meet WCAG 2.1 AA. Found a barrier? Email accessibility@smartmartglobaltrade.com.

Data retention

Account and order data is kept for as long as your account is active, plus the period required by UK tax law, then deleted or anonymized.

Business continuity & incident response

Availability

The platform targets standard commercial availability; planned maintenance is announced in advance where possible.

Incident response

Suspected security incidents are triaged immediately; affected customers are notified in line with UK GDPR breach-notification timelines.

Responsible disclosure

Found a security issue? Email security@smartmartglobaltrade.com — we ask that you don't publicly disclose before we've had a chance to respond.