Effective Date: 25 September 2025
Company: TASKRA LTD (company number 16744448)
Registered Address: 199 Cundy Street, Sheffield, England, S6 2WP
Telephone: +44 7401 150289
Email: support@ittaskra.com
Website: https://ittaskra.com/
1. Purpose and Scope
1.1 This Policy explains our security practices and how disputes are handled for purchases on https://ittaskra.com/ (the “Site”).
1.2 We sell digital products only and use minimal data (first name, last name, email). We do not operate user accounts or subscriptions and we use strictly necessary cookies only.
1.3 This Policy complements our Terms of Use, Privacy Policy, Cookie Policy, Payment Policy, Refund & Cancellation Policy, and Customer Conduct Terms.
2. Security Principles
2.1 Data minimisation: we collect only what is needed to deliver your digital order and provide support.
2.2 Defence in depth: layered organisational, technical and operational controls.
2.3 Least privilege: access is granted only where required and reviewed periodically.
2.4 Vendor due diligence: we select reputable providers (e.g., hosting, payment processing) with appropriate contractual and technical safeguards.
2.5 Continuous improvement: we monitor, review, and improve our controls in line with risk.
3. Technical Measures
3.1 HTTPS/TLS for data in transit.
3.2 Hardened hosting with firewall/WAF, basic rate-limiting and abuse prevention.
3.3 Secure development & configuration: principles of least privilege, separation of environments, dependency hygiene.
3.4 Backups and recovery procedures for critical assets.
3.5 Logging & monitoring for availability, error tracking and basic security events.
3.6 Payments are processed by our provider (e.g., Stripe). We do not receive or store full card numbers or CVV/CVC.
4. Organisational & Operational Measures
4.1 Access controls: role-based permissions, need-to-know, periodic reviews.
4.2 Confidentiality: staff/contractors are bound by confidentiality commitments.
4.3 Change control: documented changes with basic peer review where applicable.
4.4 Incident response: documented steps for detection, containment, investigation, remediation and communication.
4.5 Vendor management: contracts include data-processing and security terms where applicable.
5. Third-Party Providers
5.1 Payment processor (e.g., Stripe): payment collection, fraud screening, status callbacks.
5.2 Hosting/CDN/WAF: site delivery, uptime, security controls.
5.3 Transactional email: sends receipts and download/access links.
We require appropriate safeguards and use recognised transfer mechanisms when data is processed outside the UK (see Privacy Policy).
6. Security Incidents & Notifications
6.1 We treat any suspected compromise as a security incident and follow our incident response procedure (contain → investigate → remediate → review).
6.2 Where required by law, we will notify regulators and affected individuals without undue delay and provide guidance on protective steps.
6.3 If you suspect unauthorised activity related to your purchase (e.g., someone else accessed your download link), contact support@ittaskra.com immediately.
7. Responsible Disclosure (Vulnerability Reports)
7.1 If you discover a security vulnerability, please report it to support@ittaskra.com with “Security Report” in the subject.
7.2 Do not exploit, access other users’ data, disrupt services, or perform actions that could cause harm.
7.3 Provide enough detail to reproduce the issue (steps, affected URL, screenshots). We will acknowledge receipt and keep you updated in good faith.
7.4 This is a good-faith disclosure channel — no extortion or demands. Public disclosure should be coordinated with us.
8. Customer Responsibilities
8.1 Keep your purchase email secure and monitor it for order messages.
8.2 Do not share download/access links publicly or with unauthorised persons.
8.3 Use up-to-date, standard software to open purchased files; follow any product usage notes.
8.4 Follow our Customer Conduct Terms; do not attempt bypasses, scraping, or abuse.
9. Fraud & Abuse Prevention
9.1 We use rate-limiting, token validation and other basic checks to protect checkout and downloads.
9.2 We may restrict or refuse orders where we reasonably detect fraud or abuse, and we may revoke access to digital items tied to abusive activity.
9.3 Filing unfounded chargebacks after successful download/use may be treated as abuse (see Customer Conduct Terms).
10. Dispute Resolution — Step by Step
10.1 Contact us first: email support@ittaskra.com from your purchase email. Include order ID, product name, date/time, and a clear summary (screenshots help).
10.2 We investigate: we review logs, payment status, and product records; we may ask clarifying questions.
10.3 Our initial response: we aim to reply within 3–5 business days with findings or next steps.
10.4 Proposed remedies (as applicable):
- re-delivery of download/access links;
- corrected or replacement files;
- guidance for standard, up-to-date software;
- refund according to our Refund & Cancellation Policy.
10.5 If you disagree: you may request an internal review (a fresh look by a different reviewer). Provide any additional evidence.
11. Escalation, ADR and Governing Law
11.1 If we cannot resolve a dispute amicably, either party may propose a UK-approved Alternative Dispute Resolution (ADR) provider. Participation is subject to mutual agreement.
11.2 Nothing limits your right to bring a claim in the courts of England and Wales.
11.3 This Policy and any dispute arising out of or relating to it are governed by the laws of England and Wales.
12. Changes to this Policy
12.1 We may update this Policy. The Effective Date above shows the current version. Material changes will be highlighted on the Site where appropriate.
13. Contact
TASKRA LTD — 199 Cundy Street, Sheffield, England, S6 2WP
Tel: +44 7401 150289 · Email: support@ittaskra.com · Website: https://ittaskra.com/