Encryption of sensitive data and communication
All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn’t share any credentials with Stripe’s primary services (API, website, etc.).
HTTPS and HSTS for secure connections
Daleel forces HTTPS for all services using TLS (SSL), including our public website and the Dashboard.
We regularly audit the details of our implementation: the certificates we serve, the certificate authorities we use, and the ciphers we support. We use HSTS to ensure browsers interact with Daleel only over HTTPS. Daleel is also on the HSTS preloaded lists for both Google Chrome and Mozilla Firefox.
Daleel security team work to protect you and your information.
We are concerned about the safety and security of your information, so we have put a number of technological protection in place to ensure that our transactions process is extremely safe and that your information is secure.
Your information is safe in our super secure data centre that employs the most up-to-date hacker deterrent security devices, security network architecture and hardware firewalls.
We guarantee every transaction you make on Daleel platforms will be safe. This means you pay nothing if unauthorised charges are made to your card as a result of shopping at Daleel.
Our secure sockets layer SSL is a True Business EV issued GeoTrust EV RSA CA 2018, is one of the best leading security software and among the best available to secure an online commerce transactions. It encrypts all your personal information, including credit card number, name, and address, so it cannot be read as it travel over the internet.
Our online platforms are PCI compliant, and our entire network is independently audited against stringent PCI security standards every 90 days.
If you’re charged for something you didn’t purchase, report it and change your password immediately. We’ll secure your account and investigate.
We work hard to keep your information secure but there are some things you can do to stay safer online and identify phishing and scams more easily.
Daleel obtains Personal Data about you from various sources to provide our Services and to manage our Sites. “You” may be a visitor to one of our websites, a user of one or more of our Services (“User” or “Daleel User”), or a customer of a User (“Customer”). If you are a Customer, Daleel will generally not collect your Personal Data directly from you. Your agreement with the relevant Daleel User should explain how the Daleel User shares your Personal Data with Daleel, and if you have questions about this sharing, then you should direct those questions to the Daleel User.
We make reasonable efforts to ensure a level of security appropriate to the risk associated with the processing of Personal Data. We maintain organisational, technical and administrative measures designed to protect Personal Data within our organisation against unauthorised access, destruction, loss, alteration or misuse. Your Personal Data is only accessible to a limited number of personnel who need access to the information to perform their duties. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure. If you have reason to believe that your interaction with us is no longer secure (for example, if you feel that the security of your account has been compromised), please contact us immediately.
If you are a Daleel User, we retain your Personal Data as long as we are providing the Services to you. We retain Personal Data after we cease providing Services to you, even if you close your Daleel account, to the extent necessary to comply with our legal and regulatory obligations, and for the purpose of fraud monitoring, detection and prevention. We also retain Personal Data to comply with our tax, accounting, and financial reporting obligations, where we are required to retain the data by our contractual commitments to our financial partners, and where data retention is mandated by the payment methods that we support. Where we retain data, we do so in accordance with any limitation periods and records retention obligations that are imposed by applicable law.