Sacred Leaf KC – Digital Security Policy

Effective Date: 04/20/2025
Last Updated: 04/21/2025


1. Purpose

This policy establishes the digital security requirements and practices for Sacred Leaf KC’s website and operations to protect our business, employees, and customers from unauthorized access, data breaches, and other cyber threats.


2. Scope

This policy applies to all employees, contractors, vendors, and third parties with access to Sacred Leaf KC’s digital assets, including the website, internal systems, and customer data.


3. Roles & Responsibilities

  • Owner/Manager: Ensures implementation and oversight of this policy.
  • IT/Website Administrator: Maintains security of website, data, and related systems.
  • Employees & Contractors: Follow all security practices as outlined and report incidents.

4. Data Protection

  • Customer Data: All customer personal data is stored securely and access is limited to authorized personnel only.
  • Encryption: HTTPS/SSL is required for all web traffic and data transmissions.
  • Backups: Critical website and customer data will be backed up at least weekly and stored securely.

5. Access Control

  • User Accounts: Only authorized users are granted access to administrative and sensitive areas of sacredleafkc.com.
  • Authentication: Strong, unique passwords are required for all users. Multi-factor authentication (MFA) is highly recommended.
  • Account Management: Accounts are reviewed periodically, and access is revoked promptly when no longer needed.

6. Website Security

  • Software Updates: All website platforms, themes, and plugins must be kept up to date.
  • Vulnerability Monitoring: Regular scans for vulnerabilities and malware will be conducted.
  • Firewall & Anti-Virus: Use of web application firewalls (WAF) and endpoint protection is mandatory.

7. Payment & Ecommerce Security

  • PCI Compliance: All payment processing is outsourced to PCI-compliant third-party providers (e.g., Shopify, Stripe).
  • No Card Storage: Sacred Leaf KC will not store customer payment card information.

8. Email & Communication Security

  • Phishing Protection: Staff are trained to recognize phishing attempts and suspicious links.
  • Secure Communication: Use encrypted email or secure messaging for sensitive topics.

9. Incident Response

  • Reporting: Any suspicion or evidence of a security breach must be reported immediately to the designated IT/Website Administrator ([Insert Contact]).
  • Response Plan: Incidents are investigated within 24 hours with steps taken to contain, assess, and remediate the threat.
  • Notification: Affected parties will be notified as required by law.

10. Training & Awareness

All employees receive annual training on security best practices, including safe browsing, password management, and phishing detection.


11. Policy Review & Updates

This policy will be reviewed annually and updated as necessary to address emerging threats and changes in business processes.


Contact:
For security concerns, contact security@sacredleafkc.n3w.site or E Monslow.
