Terms of Use

This Security Policy should be read in conjunction with District’s General Terms of Service (“Terms”), the Privacy Policy and all applicable “Addenda.” Collectively, these documents constitute the entire “Agreement” between you and us. This Policy expressly incorporates all terms as defined and used in the General Terms of Service.

 

At District, LLC, (collectively, “District,” “we,” “us,” or “our”), the security of Subscriber Data is a high priority. We maintain the District System, and all associated data, systems, hardware and software, with technical, administrative, and physical safeguards in place to protect against the loss, unauthorized access, destruction, misuse, modification, and improper disclosure of your Subscriber Data, including End User Data. Despite these safeguards, it’s important that you understanding no computer system or information can even be fully protected against every possible hazard; so long as there are hackers, there are risks. While District cannot guarantee that its systems or your information will be safe, we are committed to providing reasonable and industry- accepted security controls to protect the District System and Subscriber Data.

 

BY ACCESSING, VIEWING OR USING ALL OR ANY PART OF THE District SYSTEM, YOU ARE ACCEPTING THIS POLICY AND THE ENTIERE AGREEMENT. IF YOU DO NOT AGREE, YOU ARE NOT PERMITTED TO ACESS OR USE THE District SYSTEM AND YOUR UNAUTHORIZED USE MAY BE DEEMED A VIOLATION OF LAW.

 

BEST PRACTICES FOR YOU TO TAKE TO PROTECT CARDHOLDER DATA AND OTHER END USER DATA

We recommend these practices to minimize the risk of a Cardholder Data breach, or a breach of other personal information related to your End Users. Please take steps to do the following:

  • Maintain updated anti-virus software on all workstations engaged in credit card processing and remove any programs that the anti-virus software flags as potentially malicious.
  • Restrict permission to install software on those computers to your business owner and/or trusted senior staff.
  • Maintain up-to-date versions of operating systems (e.g., Microsoft Windows or Macintosh OS) and web browsers (e.g., Internet Explorer, Chrome, Safari or Firefox), with all security
    updates and patches installed.
  • Ensure that every individual that logs into the District System has a unique username and password that is known only by that individual.
  • Only store credit card account numbers in encrypted credit card fields designed for that purpose.
  • Destroy any hard copy documents that have Cardholder Data written on them.
  • Follow the Payment Card Industry Data Security Standard (“PCI DSS”), if you accept Visa, MasterCard, American Express, or Discover credit cards for payment.

 

Please do not do the following:

  • Share your account or password;
  • Record Cardholder Data in notes, contact logs, or other unencrypted text fields within the District System;
  • Record Cardholder Data in any locally installed software program, unless that program and your computer network meet all PCI requirements; or
  • Email End User’s credit card numbers, ask End Users to email credit card numbers to you, or record credit card track data.

 

STEPS District IS TAKING TO PROTECT YOUR SUBSCRIBER DATA

  1. PCI Compliance. District complies with standards set forth by the PCI Security Standards Council to protect Cardholder Data. District encrypts all stored credit card numbers, we enable restricted firewalls to protect stored data, and we use 128-bit SSL certificates to encrypt data during transfer between the web browser and District’s database.
    Approved Scanning Vendor (“ASV”) delivers accurate vulnerability scanning and actionable reporting which enables the District Network Operations Center to quickly rank risks
    and gauge compliance against PCI-DSS Standards. Daily Vulnerability Assessments monitor the District network perimeter against daily threats to help protect you and us from
    hackers, data breaches, adware, spyware, pop-ups, browser exploits, and phishing attempts.
  2. Training and Education. District makes sure that its employees and staff recognize the importance of personal information protection, and the protection of your Subscriber
    Data. We have established internal rules and policies related to the access and use of Subscriber Data, and encourage you to do the same with your employees and staff. Our
    rules and policies are continually assessed, maintained and enforced.
  3. Personnel Security Measures. District’s technical or management personnel with access to Subscriber Data are subject to background checks prior to hiring, and must sign
    non-disclosure and data security agreements that protect both District and Subscriber Data.
  4. Following Laws and Industry Best Practices. District complies with all applicable laws, as well as accepted industry best practices, when dealing with your Subscriber Data.

 

RISK OF LOSS

District’s responsibility to protect your Subscriber Data, including Cardholder Data, applies only after such information is encrypted and received by District’s server(s). You remain responsible for the proper handling and protection of Cardholder Data until such Cardholder Data is encrypted and received by our server(s). Your ability to successfully do this depends on the degree to which you are able to successfully implement the best practices described above and comply with all PCI guidelines.

 

CHANGES TO THE SECURITY POLICY

District reserves the right to change this Security Policy. District will provide notification of the material changes to this Security Policy through a notification on its website, or via email at least thirty (30) business days prior to the change taking effect.

 

CONTACT US

If you have any questions regarding this Security Policy, please contact us by email at
[email protected]

or at:

District, LLC
1145 First Avenue
Columbus, GA 31901

Scroll to top