Our Security Commitment
Plain English Summary
We use industry-leading security to protect your information. Every professional is manually verified, your data is encrypted, and our systems are monitored 24/7. Whether you use our free or paid services, you get the same high level of security protection.
Three Fundamental Principles
Protection: Safeguarding all user data through multiple layers of security controls
Verification: Ensuring the authenticity of professionals through manual license verification
Availability: Maintaining reliable access to our services for communities worldwide
Security Program Overview
Plain English Summary
We've been keeping user data safe since 2009. Every professional listing is manually checked to verify their license - both when they join and every year after. Our free listings get the same security as paid ones, with no compromises.
Established Trust Since 2009
For over 15 years, Heritage Web has provided secure online services to professionals and communities globally. Our longevity demonstrates our commitment to maintaining robust security practices that evolve with emerging threats while preserving the trust our users place in us.
Manual Verification Process
Every professional listing on Heritage Web undergoes manual license verification at submission and annually thereafter. This human-centered approach ensures:
- Authenticity of professional credentials
- Protection against fraudulent listings
- Maintained trust within professional communities
- Quality assurance for users seeking services
Free Forever Commitment
Our free listing option will always remain free, with no hidden security compromises. Whether you choose our free or sponsor listings, all users receive the same level of security protection for their data and accounts.
Data Protection
Plain English Summary
We protect all types of information you share with us using strong encryption. Your data is scrambled when traveling over the internet and locked securely when stored. We use the same encryption standards as banks and government agencies.
Military-Grade Encryption
All data is protected with AES-256 encryption at rest and TLS 1.2+ in transit - the same standards used by financial institutions and government agencies.
Information We Protect
Heritage Web secures multiple types of user information across all our publications:
Profile Data: Personal and professional information in user profiles
Organization Information: Business and non-profit organization details
Event Data: Event listings and attendance information
Job Postings: Employment opportunities and application data
Communication Records: Messages exchanged through our platform
Encryption Standards
All sensitive data is protected using industry-standard encryption:
- Data in transit is encrypted using TLS 1.2 or higher protocols
- Stored data is protected with AES-256 encryption
- Password protection uses secure hashing algorithms
- Session management includes encrypted tokens
For detailed information about how we collect, use, and protect your personal information, please refer to our Privacy Policy.
Platform Security
Plain English Summary
Our systems are built on enterprise-grade cloud infrastructure with multiple backup locations. We monitor for threats 24/7, require multi-factor authentication for admin access, and automatically log you out after inactivity to keep your account safe.
Infrastructure Protection
Heritage Web employs enterprise-grade cloud infrastructure with:
- Redundant data centers for high availability
- Geographic distribution for disaster resilience
- Automated backup systems for data recovery
- Continuous monitoring for threat detection
- Regular security updates and patches
Access Control
We implement strict access controls to protect your data:
- Multi-factor authentication for administrative access
- Role-based permissions limiting data access
- Single Sign-On (SSO) capabilities for user convenience
- Regular access reviews and updates
- Immediate revocation upon role changes
Application Security
Our applications across all Heritage Web publications include:
- Secure coding practices in development
- Regular security assessments and testing
- Input validation to prevent malicious attacks
- Session timeout for inactive users
- Audit logging of security-relevant events
Payment Security
Plain English Summary
We never store your credit card information. All payments go through certified, secure payment processors (like Stripe) that banks and major companies use. Your payment data is protected by the same standards used by Amazon and other major retailers.
PCI DSS Compliant
We partner with PCI DSS Level 1 certified payment processors - the highest level of payment security certification.
Payment Protection
Heritage Web partners with industry-leading, PCI DSS compliant payment processors to handle all financial transactions securely. This ensures:
- Your payment information is never stored on our servers
- All transactions are processed through encrypted channels
- Compliance with payment card industry security standards
- Protection against payment fraud
- Secure handling of subscription and payment data
Compliance & Standards
Plain English Summary
We follow all major data protection laws including GDPR for Europe, CCPA for California, and HIPAA for health information. Our security practices meet or exceed industry standards, and we regularly check to make sure we're compliant.
Regulatory Compliance
Heritage Web maintains compliance with GDPR, CCPA/CPRA, HIPAA, and PCI DSS standards to protect your data according to the strictest global requirements.
Regulatory Compliance
Heritage Web maintains compliance with applicable data protection regulations:
GDPR: For our European Union users
CCPA/CPRA: For California residents
HIPAA: For protected health information (see our dedicated HIPAA Compliance page for details)
PCI DSS: Through our certified payment processing partners
Security Standards
Our security practices align with industry-recognized frameworks:
- Regular security assessments
- Documented security procedures
- Employee security training
- Vendor security requirements
- Continuous improvement processes
Incident Response
Plain English Summary
We monitor for security issues 24/7 and have a trained team ready to respond immediately to any incidents. If something affects your data, we'll notify you as required by law and work quickly to fix the problem.
24/7 Security Monitoring: Our systems are monitored around the clock for security events, with immediate escalation procedures for any detected threats.
Response Process
In the event of a security incident:
- Immediate containment of the threat
- Assessment of impact and scope
- Eradication of the security issue
- Recovery of affected systems
- Notification to affected parties as required
- Post-incident review and improvements
User Security Responsibilities
Plain English Summary
Security is a team effort. You can help by using strong passwords, enabling two-factor authentication when available, and letting us know immediately if you see anything suspicious. Always log out when using shared computers.
How You Can Help
While we implement comprehensive security measures, security is a shared responsibility. We encourage all users to:
- Use strong, unique passwords for your Heritage Web account
- Enable two-factor authentication when available
- Keep your contact information current
- Report suspicious activities immediately
- Protect your account credentials
- Log out when using shared computers
Contact Us
Need to Report a Security Issue?
If you discover a security issue or have concerns about your account security, please contact us immediately. We take all security reports seriously and will respond quickly.
Security Issues: [email protected]
General Support: [email protected]
Additional Resources
For more information about our security and privacy practices:
Your Security Matters
Our Commitment to You
At Heritage Web, the security of your information is paramount to our mission of connecting communities with trusted professionals. We remain committed to maintaining the highest security standards while providing accessible, reliable services to all our users.
Thank you for trusting Heritage Web with your professional presence online. Together, we build secure, thriving communities across all our publications.
This Security Policy applies to all Heritage Web services, publications, and platforms. For specific questions about security practices for your account or listing, please contact our security team.
Start Secure, Stay Secure
Join thousands of verified professionals who trust Heritage Web with their online presence.
