Website Security Policy
Last updated: March 21, 2026 — Version 2.0
1. Our Security Commitment
Amerion Group LLC takes the security of your personal data and payment information seriously. We implement appropriate technical and organisational security measures to protect your data against unauthorised access, accidental loss, destruction, alteration, or disclosure.
2. Technical Security Measures
2.1 Data Transmission Security
- SSL/TLS encryption: All data transmitted between your browser and goodfeetofficial.com is encrypted using TLS 1.2 or higher (HTTPS). Your browser will display a padlock icon confirming this.
- Secure checkout: All checkout pages and account pages are served exclusively over HTTPS.
2.2 Payment Security
- We do not store full credit or debit card numbers on our systems at any point.
- All payment processing is handled by PCI-DSS Level 1 certified providers: Shopify Payments, Stripe, PayPal, Apple Pay, Google Pay, Amazon Pay, Bancontact, and iDEAL/Wero.
- PCI-DSS (Payment Card Industry Data Security Standard) is the highest international standard for payment data security.
2.3 Platform Security
- Our website is hosted on Shopify Inc. infrastructure, which operates enterprise-grade security including DDoS protection, intrusion detection, and 24/7 monitoring.
- Access to our Shopify admin panel is protected by strong authentication requirements.
- We use only verified Shopify-approved apps and third-party integrations.
2.4 Third-Party Processor Security
All third-party data processors (Klaviyo, Loox, Meta, Google) are contractually required to maintain appropriate security standards. We verify that key processors are GDPR-compliant and ISO 27001 certified where applicable.
3. Organisational Security Measures
- Access to customer data is restricted to authorised personnel only, on a need-to-know basis.
- All personnel with access to personal data are trained on data protection obligations.
- We conduct periodic reviews of our security practices and update them as threats evolve.
- We maintain a data breach response procedure aligned with GDPR Article 33 (72-hour notification obligation).
4. Data Breach Response
In the event of a personal data breach that poses a risk to your rights and freedoms, Amerion Group LLC will:
- Notify the relevant supervisory authority within 72 hours of becoming aware of the breach (GDPR Art. 33)
- Notify affected individuals without undue delay where the breach poses a high risk to their rights (GDPR Art. 34)
- Document all breaches in our internal breach register
- Take immediate steps to contain and remediate the breach
5. Your Account Security
You are responsible for maintaining the security of your goodfeetofficial.com account. We recommend:
- Using a strong, unique password for your account
- Not sharing your login credentials with others
- Logging out after each session on shared devices
- Contacting us immediately at support@goodfeetofficial.com if you suspect unauthorised access to your account
6. Vulnerability Disclosure
If you discover a security vulnerability on goodfeetofficial.com, please report it responsibly to legal@goodfeetofficial.com with subject line “Security Vulnerability Report”. We commit to acknowledging your report within 5 business days and to working with you to address verified vulnerabilities. We ask that you do not publicly disclose vulnerabilities until we have had a reasonable opportunity to address them.
7. Limitations
Despite our best efforts, no method of data transmission or storage is 100% secure. We cannot guarantee absolute security of information transmitted to or from our website. You use our website and services at your own risk with regard to circumstances beyond our reasonable control.
8. Contact
- Security reports: legal@goodfeetofficial.com
- Data protection: privacy@goodfeetofficial.com
- Address: Amerion Group LLC, 30 N Gould Street #36862, Sheridan, WY 82801, USA
© 2026 Amerion Group LLC · Trading as Good Feet · goodfeetofficial.com · EIN: 32-0818127
