Security Guide
This document explains how we use the best security tools and practices to maintain a high level of security at Chapa.
HTTPS for secure connections
Chapa uses HTTPS for all the services and websites using TLS(SSL). Chapa’s libraries connect to chapa’s server over TLS and with every connection, the TLS will be verified.
Encryption of Data
All card numbers are encrypted at rest with AES-256. None of Chapa's internal servers can obtain plaintext card numbers. Chapa’s framework for storing and transmitting card numbers runs in a separate environment and is not a part of Chapa’s primary services, ensuring security over your credentials.
Privacy Policy and Terms
Chapa’s Privacy Policy and Terms detail clients’ privacy rights concerning their acquaintance with the company and how it gathers, assembles, uses, shares, and protects their personal data.
These terms are to be implemented on every platform owned by Chapa - websites, applications, Social Media Pages, and any other tools or services - no matter how the client gains access to them. However, third-party platforms that are NOT owned by Chapa are NOT to be abided by these terms as they aren’t applicable to them.
Chapa regards and honors the importance of its clients’ privacy and consent. Therefore, we hereby declare that we will go above and beyond to protect and secure the information you entrust with Chapa.
Revision, Updates & Amendments
Due to the constant change in technology, it is a must to adjust our policies accordingly. Chapa reserves the right to revisit, revise, update and amend its privacy policies as need be. Terms are effective and valid in regards to the date provided below. Referring to this date, it is our advice that you check the terms from time to time.
If you have any disagreement with what is stated in these terms, you are expected to stop interacting with the platform and dismiss your account (if you have created one).
Age
Our services are strictly provided to users that age 18 and above. Chapa is not responsible for any information that is acquired through a user that doesn’t meet the age limit mentioned above. However, any party that claims they had their private data released without permission can contact us through the contact details provided on this page.
Data Gathered by Chapa
1. Personal Data
To get our services running we are obligated to gather some of our users’ personal data, such as First and Last names, phone numbers, e-mails, addresses, bank details, etc. Occasionally, anonymous details such as ‘IP address’ might be collected as well. Current, past, and prospective employees, suppliers/vendors, customers of companies, and individuals that deal with Chapa - all lie under the term ‘Users’.
All collected and gathered data is protected by laws, principles, rules, and regulations ensuring security.
Creating a Chapa account is required in order to gain access to our services. By creating an account you give us access to your personal data. Your personal data will be used for the following purposes:
- To Give you access to our services.
- To attend to your needs.
- To Address inappropriate use of our website.
- To provide you with marketing content, newsletters, and service updates by Chapa. (You will have the option to ‘unsubscribe’ if you are no longer interested in this service.)
- To Maintain daily records.
- For Identity Verification.
2. Cookies
Cookies allow servers to register and recall IP addresses, web traffic, time and date stamps of platform visits, as well as defend against deceptive activities. However, cookies do not store and withhold sensitive data. They are present to gather special yet random information in order to identify you as a user whenever you revisit the site and eventually give you what is needed.
To give you a smoother experience, ensure security, and customize your needs accordingly, Chapa uses Cookies.
Although it may impact your user experience, you will be given the option to disable Cookies while accessing Chapa’s website and other platforms.