Security Policy

Effective Date: September 4, 2025
Last Updated: September 4, 2025

The Biz Birth Co (“Company,” “we,” “our”) uses the Squarespace platform and is committed to protecting customer data as outlined below.

Information Security Objectives

  • Protect user data and business information handled on our website.

  • Prevent unauthorized access, misuse, loss, alteration, or disclosure of customer data.

  • Ensure the reliability, availability, and integrity of our services.

Squarespace Data Protection Measures

  • SSL/TLS Encryption: All website traffic is encrypted using SSL/TLS. This secures connections for all visitors and data transmissions.

  • Monitored Security: Squarespace employs a 24/7 Security Operations Center (SOC) and uses up-to-date security protocols to identify and mitigate vulnerabilities.

  • Account Protection: Passwords are hashed. Two-factor authentication (2FA) is available for Squarespace user/member accounts.

  • Network Safeguards: DDoS protection, firewall protections, and regular vulnerability assessments are part of Squarespace’s infrastructure.

  • Data Storage: All personal and business data is stored securely using Squarespace-managed infrastructure.

  • Backups and Recovery: Squarespace provides regular server-level backups to ensure data continuity.

Payment Processing

  • All payments and sensitive card data are handled exclusively by PCI DSS-compliant third-party processors (Stripe, PayPal, Square). Squarespace does not process, transmit, or store any payment card details directly.

  • The Squarespace checkout form is locked down for maximum compliance and cannot be modified by site owners with custom code or scripts, further securing payment flows.

Physical and Organizational Security

  • Squarespace data centers have physical controls, monitoring, and disaster recovery protocols in place.

  • All Squarespace staff and contractors receive appropriate security training and are subject to strict access controls.

Third-Party Services

  • Any integrations, marketing tools, or plugins added to the site with access to user data are selected for compliance with Squarespace’s standards and global data protection laws.

Incident Response

  • In the event of any detected data breach, Squarespace will notify its customers and site owners as required by law.

  • Site administrators will cooperate with Squarespace to investigate and respond to any incidents.

User Responsibilities

  • Users should create strong, unique passwords and enable two-factor authentication for member accounts where available.

  • Report any suspicious activity or security concerns to [insert company email] or Squarespace support.

Policy Review

This policy will be reviewed at least annually or as Squarespace updates its platform practices.

Contact Information

For any website security concerns, contact:
The Biz Birth Co
Email: customercare@bizbirthco.com
Phone: [Insert contact number]