Security Statement

  • Definitions Index Certain terms, words and/or phrases in our policies are abbreviated or used by reference.
    All definitions stated in our policies refer to the same meanings consistent with their descriptions, regardless of capitalisation and how the wording is presented.
    Please click the link above to review the definition index for a better understanding of the references we use.

Secure connection:

Our website uses a secure connection using 2048-bit and SHA-2 which is the strongest encryption available, encrypted and authenticated using a strong protocol of TLS 1.2 certified by Let's Encrypt.

Secure transmissions:

Our online transmissions are carried out through our secure domain https://creativaholic.worldsecuresystems.com certified by DigiCert, also using 2048-bit and SHA-2, encrypted and authenticated using a strong protocol of TLS 1.2.

Our SSL Certificate is verified and validated on our behalf to our supplier Adobe Systems Incorporated in California, USA.

To make it as simple as possible to understand:
https://www.creativaholic.com.au is our standard domain using the secure domain https://creativaholic.worldsecuresystems.com to process payments and encrypt sensitive data transmissions.

PCI DDS compliance:

Compliance:

Our systems are certified Level 1 PCI DDS compliant. This compliance extends to all online stores built using our systems.

We take security very seriously and as such, our suppliers and we have invested significant effort in making sure our systems are PCI compliant. A large variety of security mechanisms have been implemented, such as AAA (Authentication, Authorisation, and Access Control), attack detection and annihilation mechanisms, encryption of sensitive data, firewalls, anti-virus, etc. All cardholder data specific mechanisms, environments, policies, procedures and operations have been audited for security compliance by an accredited 3rd party investigator. Moreover, our systems' code and environments are regularly tested for security holes both manually and using various 3rd party penetration software with a multitude of security standards are considered and followed.

What is PCI DDS Compliance:

The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard containing a widely accepted set of policies and procedures intended to optimize the security of credit, debit and cash card transactions, as well as to protect cardholders against misuse of their personal information.

Defined by the Payment Card Industry Security Standards Council, the standard was created to increase controls around credit card data to reduce credit card fraud via its exposure.

The PCI DSS specifies and elaborates on six major objectives:

  • Build and Maintain a Secure Network
  • Protect Cardholder Data
  • Maintain a Vulnerability Management Program
  • Implement Strong Access Control Measures
  • Regularly Monitor and Test Networks
  • Maintain an Information Security Policy

Export law compliance:

Our websites and products are not available to:

  • Countries banned and/or embargoed by Australia, United states of America and/or the United Nations.
  • Individuals and entities living, trading within and with banned and embargoed countries.
  • Individuals and entities banned, blocked or denied by the Australian government.
  • Individuals and entities blacklisted by our internal and external servers.

Unsolicited communication prevention:

This section is straight forward. You must understand that you need to respect our policies under all and any circumstances.

By using any form of communication with us, wether direct via email or through one of our web forms on the website, you understand that:

  • We do NOT outsource our services or hire any other agency, company or individuals for any of our services neither locally, nationally or internationally.
  • We are NOT looking for any new external services or integrations, to add to our workflows or business infrastructure.
  • We have already established relationships with reputable providers and partners, and all our production is carried out in-house.
  • All work opportunities and job listings from us will be advertised in job boards and other appropriate channels for the matter.
  • If you are a local agency, designer or freelancer looking for work, please look around at job boards and the appropriate channels for job adverts if there are any from us.

By using our contact details to reach out to us directly via email and/or through one of our web forms in the website or via any communication medium, you accept and agree to not send bulk, spam, unsolicited or marketing emails to us, our subsidiaries, affiliates, directors, owners, officers, agents, employees, representatives, partners, shareholders, and licensors.

Failure to comply with this policy will result on:

  • Reporting your email and IP address to blacklisting channels.
  • Reporting your email and IP address to your ISP and HSP.
  • Block your access to the website in whole.
  • Filter out your Email and IP Address from further reach to our servers.

Unless stated otherwise, we reserve the right to review and change certain information contained in our websites without notice.

Last updated by the Creativaholic Studio legal team on 01 July 2017

Call Times:
During Business Hours
After Business Hours

By clicking the button below, you acknowledge and agree to our Terms of Use, Privacy and Security policies.