Security Policy

1. Introduction

We take security very seriously, but have to strike a balance between increased levels of security and making transacting with us convenient to you. We are Learning the Harp (Pty) Ltd (Registration number 2019/201751/07), also known as Learning the Harp, and this is our plan of action for safeguarding our website and your personal information from harm, such as unauthorised access, destruction, or loss. It describes our responsibilities, our disclaimers, your responsibilities, and has special provisions dealing with phishing and credit cards.

2. Our responsibilities

We will:

  • host our website on a secure server that uses a firewall and other security measures to prevent unauthorised access;
  • protect your information that we store in or passes through our systems using encryption or other appropriate information security measures;
  • ensure that links from our systems to systems that third parties (such as our payment gateways) control are secure;
  • backup all data on our systems so that we can recover it in case of disaster;
  • log all access to our systems to better identify and resolve unauthorised access issues; and
  • use a payment gateway that is sufficiently secure (in terms of accepted technological standards at the time of the transaction and the type of the transaction) and takes reasonable steps to secure your payment information.

3. Our disclaimers

3.1. Disclaimer. We will do our best to prevent our website and your information from being compromised and will help you resolve a security problem whenever we can. However, we are not responsible for compromises caused by:

  • harmful code – entering our website, such as viruses, bugs, Trojan horses, spyware, or adware;
  • your fault – problems or loss caused by your information you provide to us (such as inaccurate personal information) or your computer being compromised (such as being accessed by an unauthorised person or otherwise hacked);
  • factors beyond human control – such as fires, floods, or other natural disasters.

 

3.2. Third party systems. Third parties are responsible for the security of information collected by, stored on, or passing through their systems, even if we link to those systems.

    1.  

4. Your responsibilities

4.1. No compromise. You may not do (or let anyone else do) anything that might compromise our system.

4.2. Protect your credentials. If you created a username, password, or other credentials when you registered on or submitted information through our website for the first time, then you should take the following steps to secure those credentials:

  • never share them with anyone;
  • never send them via email; and
  • make any passwords as strong as possible.

4.3. Recommended steps. You should take the following steps to secure your personal information:

    1.  
  • install security software on your device, including anti-virus, anti-spyware, and anti-spam software;
  • regularly scan your device for viruses and other malicious software; and
  • keep security software up-to-date to ensure you are always running the latest version with the latest definitions.

4.4. Additional steps. You could take the following steps for your own security:

    1.  
  • check your Internet browser’s security settings for ways to make your browsing more secure;
  • make sure that you have entered secure pages when filling in your personal information; and
  • log out after you have transacted electronically.

5. Phishing

5.1. Awareness. Be aware of ‘phishing’ attacks where criminals attempt to get your personal information by sending you an email, masquerading as an email from us, asking you to access your account or verify information through links in the email, or diverting you to a fake version of our website.

5.2. Legitimate URL. You must only log into our website from a legitimate URL associated with us that you know and trust, such as one based on our name that we have communicated to you in writing. Please be wary of phishing websites that use illegitimate URLs designed to trick you into thinking they are our website, such as by using common misspellings of our name, different domain suffixes, or other words associated with our business.

5.3. Confirmation through links. We will not generally ask you to confirm your credentials or other personal information by clicking on any links in an email other than in any email link we send you after registration or the first time you submit information through our website to verify your identity.

5.4. Reporting. Please report any suspected phishing attacks to us immediately to prevent any harm to you or others.

6. Credit cards

6.1. Safe and secure. Transacting with us electronically (including transacting and using your credit card on our website) is safe and secure.

6.2. Payment processing. Our payment gateway handles all credit card transactions on our behalf, uses the strictest form of encryption, and has their own security certificate and policy which you can view on their website.

6.3. Payment verification. A Certificate Authority (or CA) checks, verifies, and certifies our payment gateway’s company registration documents and domains to ensure that nobody can impersonate them to get your payment information.

6.4. Secure URL. Once you begin the payment process, your browser will establish a secure Internet connection with our payment gateway. You can see this when the website URL changes from ‘http’ to ‘https’ and a small padlock symbol appears.

7. General

7.1. Contact us. Please report any suspicious or unauthorised activity relating to your use of our website to us directly, because it will help make our website as secure as we can.

7.2. Our right to take action. We may take whatever action we may deem necessary to preserve the security and reliability of our system.