At Taione Trading (TAIONETRADINGcom), we respect your privacy. While the nature of our business requires us to obtain personal information from you, we will never knowingly sell, rent, loan, or provide that information to any third party (except the financial institution that processes your payment) without your specific consent. TAIONETRADING.com is dedicated to protecting your information and fully complying with the requirements of the law.
TAIONETRADING.com will only collect information from customers through lawful and consented sources. The company will not hold or collect any information that originates from an unconsented source. If a TAIONETRADING.com employee receives unconsented information, he/she will advise the party that sent it to cease. The employee will also advise that providing unconsented information is in violation of the Personal Information Protection Act. If a customer does not consent to providing TAIONETRADING.com with the requested information necessary to do business, TAIONETRADING.com staff will provide the reasons to the customer and advise them of the pending consequences if the information is not supplied. In some cases this may result in the company ceasing delivery service to the customer. If for business reasons, TAIONETRADING.com requires original information to be used for a different purpose, customers will be advised in advance and consent obtained prior to the new use.
All information collected from customers is safeguarded through various means such as (but not limited to): restricted access to databases and servers, cyphering, passwords, encryption, as well as locked filing cabinets for information collected in paper form. All staff are trained in proper safeguarding of information with periodic audits conducted. If paper documents containing personal customer information are no longer required, they are shredded.
Collection of Information
We will collect only such personal information from you as may be required to permit us to fulfill the purposes set out below. Such information may include your name, address, email address, telephone numbers, age, gender, personal interests and shopping or product preferences. We will collect this information to authenticate your identity, to improve your shopping experience, to understand your preferences for the types of products and services that we offer, to administer our promotions and programs (including our "Customer Appreciation" program), to communicate with you and to process payment for our products and services. We may also collect personal information from you on our website and in our stores in connection with your participation in promotional programs and special offers which we may initiate from time to time, including our "Customer Appreciation" affinity program. In addition, we may collect additional information from you from time to time for purposes ancillary to those set out above. By providing personal information to us, by using our services and by participating in any programs that we may offer from time to time, you consent to our use of information disclosed by you for the purposes identified above.
We may also log non-personally-identifiable information including IP address, profile information, aggregate user data, and browser type, from users and visitors to this website. This data is used to manage the website, track usage and improve the website services. This non-personally-identifiable information may be shared with third-parties to provide more relevant services and notices to users. User IP addresses may be recorded for security and monitoring purposes.
We may also use your email address to send updates, a newsletter or news regarding our products or services. We will provide you with the option to choose not to receive emails of this type.
Over the course of our relationship, information will be created that was not intended but merely resulted from the regularity of transactions between us. We are committed to honest and open communication and will make your personal information available to you upon request.
Any personal information that we do collect is for internal purposes only. We do not sell nor share your personal information with any external organization except to authorized electronic commerce service providers to process online payment, and to authorized call centers who will provide service to you in connection with our services and programs. You will be subject to the privacy policies of such service providers, however we will strive to ensure that such policies offer a level of protection of your personal information comparable to this policy. Your name will not find its way onto any mass circulation databases and there will not be any new forms of "junk mail" in your mailbox because of your involvement with us.
Use and Disclosure of Personal Information
We do not intend to collect any personal information from children under the age of sixteen. If a parent or guardian of a child who has provided us with such personal information would like the information deleted from our records, he or she should contact us at the email address listed at the bottom of this policy statement. We will then delete the child's personal information from our files.
Retention and Safeguarding Your Personal Information
We will retain your personal information for as long as it is required to fulfill our obligations to you as our customer. We will take all necessary and reasonable measures to safeguard that information from any unauthorized access. We use industry-standard encryption technology and advanced firewall systems to deter unwanted intruders.
Even the most sophisticated systems have been "hacked into" so our best defence is to delete information on our system that would benefit anyone other than you and us. No credit card information is stored in any of our databases and therefore we never expose your credit card information to the possibility of improper or unauthorized access. Hard copies of personal information are stored in a secure area at our offices, and are only made available to authorized personnel.
Consumer Access to Their Personal Information
We are committed to keeping you informed and to ensuring the accuracy of your personal information. At your request we will provide you with details of all of your personal information which we have, what it is being used for, and to whom it has been disclosed. In some limited cases, we may be unable to access or provide some specific information. We will provide reasonable rationale for any inability to release information.
You may by sending us a written request requiring that your personal information be deleted from our databases, or you may request that your personal information be updated or corrected to amend any inaccuracies.
Online Payment Provider "Stripe"
Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.
SSL and HSTS
Stripe forces HTTPS for all services, including our public website. We regularly audit the details of our implementation: the certificates we serve, the certificate authorities we use, and the ciphers we support. We use HSTS to ensure browsers interact with Stripe only over HTTPS. Stripe is also on the HSTS preloaded lists for both Chrome and Firefox.
For more about implementing SSL on your own website, read our SSL guide.
All card numbers are encrypted on disk with AES-256. Decryption keys are stored on separate machines. None of Stripe's internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe's infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn't share any credentials with Stripe's primary services (API, website, etc.).
We rapidly investigate all reported security issues. If you believe you've discovered a bug in Stripe's security, please get in touch at firstname.lastname@example.org. We will respond as quickly as possible to your report. We request that you not publicly disclose the issue until it has been addressed by Stripe.