Security Policy | Sonark Marine

Security Policy

Last updated: November 2, 2025

Sonark Marine is committed to protecting the confidentiality, integrity, and availability of our website, data, and systems. This Security Policy explains our security practices and the responsibilities we share with customers, visitors, and partners. It complements our Privacy Policy and Terms of Service.

Scope

  • Public website pages, forms, and checkouts hosted on Shopify.
  • Operational systems used to run the store (e.g., analytics, payment gateways, email service providers).
  • Data collected through orders, support requests, and account features.

Data We Handle

Customer Data
Contact details, order info, shipping details, limited payment metadata (card numbers are not stored by us).
Technical Data
Device/usage information, cookies, IP address, and diagnostics to secure and improve the site.
Support Data
Messages and attachments you share with our support team.

Note: Sensitive payment credentials are processed by PCI-compliant payment processors and are not visible to or stored by Sonark Marine.

Security Measures

  • Platform security: Store hosted on Shopify with HTTPS/TLS encryption for all pages and checkouts.
  • Access control: Principle of least privilege, role-based access, strong passwords, and MFA on admin accounts where available.
  • Data minimization: Only collect data needed for transactions, support, and legal compliance.
  • Network & application safeguards: Firewalling, DDoS protections, automatic platform patches, and continuous platform monitoring (via Shopify and approved apps).
  • Backups & continuity: Platform-level redundancy and backup processes provided by Shopify and integrated services.
  • Logging: Administrative activity and key events are logged within platform tools to support audit and incident response.

Payments

  • Payments are processed by third-party gateways (e.g., Shopify Payments, PayPal, Amazon) that maintain PCI DSS compliance.
  • We never store raw card numbers or CVV codes on Sonark Marine systems.
  • All payment pages are served over HTTPS with modern encryption.

Your Responsibilities

  • Protect your account credentials and use a unique, strong password.
  • Keep your browser and devices updated with current security patches.
  • Review URLs and avoid sharing sensitive info with anyone claiming to be us via unofficial channels.
  • Report suspicious activity to customercare@sonarkmarine.com.

Third-Party Services

We may use trusted providers (e.g., analytics, email, shipping, fraud-prevention, and payment gateways). These processors are contractually required to protect data and use it only for the services we request. Where feasible, we limit shared data to what's necessary.

Incident Response

  • We investigate suspected security events promptly.
  • When legally required, we notify affected users and regulators without undue delay.
  • After incidents, we perform root-cause analysis and implement remediation steps.

Data Retention

We retain data only as long as needed for legitimate business purposes and legal obligations (e.g., tax and accounting). When no longer required, data is deleted or de-identified according to our retention practices and platform capabilities.

International Transfers

Depending on where you're located and which providers we use, your data may be processed in countries other than your own. We apply safeguards permitted by applicable laws for such transfers.

Children's Data

Our site is not intended for children under 13. We do not knowingly collect personal information from children. If you believe a child has provided personal data, contact us and we will take appropriate action.

Changes to This Policy

We may update this Security Policy as our practices evolve. Material changes will be posted on this page with a revised "Last updated" date.

Contact Us

Email
customercare@sonarkmarine.com
Contact Form
Use our contact page
← Back to Home

© 2025 Sonark Marine. All rights reserved.