Security

Donate and Shop with Confidence
We understand your concerns about online security. We maintain rigorous standards to ensure your personal information is safe when using Stuff for Good Demo. That is why we chose Stripe. 

Stuff for Good Demo runs on Stripe, the leading Payments Platform in the world.   
Stripe has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, we make use of best-in-class security tools and practices to maintain a high level of security at Stripe.

Stuff for Good Demo runs on HostPapa's infrastructure which complies with the Payment Card Industry's Data Security Standard v2.0 (PCI DSS 2.0). This compliance has been validated by an authorized independent Qualified Security Assessor and covers all requirements as defined by PCI DSS for physical infrastructure service providers. 

What We Do to Protect Your Information: Encryption of sensitive data
All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of Stripe’s internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe’s infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure and doesn’t share any credentials with Stripe’s primary services (API, website, etc.).

We use encryption technology to ensure the secure transmission of any personal information you provide on any Stuff for Good Demo site. All transactions are conducted using 128-bit Secure Sockets Layer (SSL) encryption.

Our internal data security policies restrict access to customers' personal information to authorized employees. Authorized employees may use our customers' personal information for Stuff for Good Demo purposes only. Each authorized user has a unique ID and access to customer data is tracked and monitored.

We regularly scan our systems for viruses and malware and test our network for vulnerabilities.

You are Never Liable for Unauthorized Charges

You will never have to pay for any unauthorized charges to your credit card account if those charges result from an authorized transaction at CauseStuff.com.com.

If you are a victim of credit card fraud, the Fair Credit Act specifies that your credit card company can hold you liable for no more than $50 in fraudulent charges to your account. You'll be reimbursed for any amount up to $50 billed to you by your credit card company for unauthorized charges to your account if those charges result from an order you've placed on any Stuff for Good Demo. To benefit from this protection, you must promptly notify your credit card company of any fraudulent charges and follow the procedures for doing so as outlined in your credit card agreement.

What You Can Do
To ensure you're getting the best protection available, we recommend using the latest version of your browser software and downloading security updates as they become available.

Additional suggestions for maintaining the security of the information you provide online:
• You can determine when you're sending data securely by looking at the web address (URL) in your browser window: the first few letters will change from "http" to "https" when you are transmitting information protected by SSL encryption.
• All the major browsers also display a padlock icon to indicate that encryption is being used:
• Firefox & IE display the padlock in the status bar at the bottom of the window,
• Safari, Chrome and Opera display the padlock in the address bar, near the URL.
• Use public computers only if they are maintained by a trusted source, and always be sure to log out of your CauseStuff.com.com account and shut down the web browser before leaving the computer.
• If you are presented with a link to Stuff for Good Demo in email or on another site and are unsure whether it is valid, do not click the link. Instead, type https://Stuff for Good Demo in your browser's address field to access our site directly.
• Email is not a secure form of communication. Do not send us your credit card number or other personal information via email.

Links to Other Sites 
Occasionally we provide links on our Web site to other sites to enhance the functionality and shopping experience. These sites operate independently of Stuff for Good Demo and have established their own security and privacy policies. For the best online experience, we strongly encourage you to review these policies at any site you visit.