Website Preloader

Yubotanics – Security Statement

Last updated: [Insert Date]

Yubotanics Ltd (“we”, “us”, “our”) is committed to protecting the security, confidentiality, and integrity of all personal data we process. As an online skincare brand, we understand that customers trust us not only with their skin, but with their personal information—and we take that responsibility seriously.

This Security Statement outlines the steps we take to safeguard our systems, website, and customer data.

1. Our Security Commitment

We operate with a security-first mindset across our digital infrastructure and internal processes. Our objectives are to:

  • Protect customer information

  • Prevent unauthorised access

  • Maintain secure and reliable website operations

  • Comply with UK GDPR and data-protection law

  • Reduce risk through continuous monitoring and improvement

Security is an essential part of how we run Yubotanics—not an afterthought.

2. Website & Data Encryption

To protect data in transit, our website uses:

  • HTTPS / SSL encryption across all pages

  • Secure connections between browsers and our servers

  • Regular certificate updates and maintenance

Any personal information shared on our website—such as login details, order information, or contact forms—is encrypted to prevent interception.

3. Payment Security

Yubotanics does not store or process full payment card details on our servers.

All transactions are handled by trusted, PCI-DSS compliant payment providers (e.g., Stripe, PayPal), who use:

  • Tokenisation

  • Encrypted payment gateways

  • Fraud detection systems

  • Robust financial-security protocols

We retain only the minimum transactional data needed for order fulfilment and accounting.

4. Platform & Infrastructure Security

Our ecommerce platform and hosting providers maintain:

  • Firewalls

  • Secure server environments

  • Access controls and authentication protocols

  • Automated system updates and patching

  • Intrusion detection and prevention tools

  • Regular performance and security audits

We choose partners who meet high security and compliance standards.

5. Access Control & Internal Safeguards

Internal access to customer data is restricted on a strict need-to-know basis.

We implement:

  • Limited access permissions

  • Secure passwords and login policies

  • Two-factor authentication (2FA) where applicable

  • Staff awareness of data-protection responsibilities

  • Confidentiality obligations for all individuals handling data

Only authorised individuals can access operational systems.

6. Data Storage & Backups

Customer data stored in our systems is:

  • Hosted in secure, UK/EU-compliant data centres

  • Backed up regularly to prevent loss

  • Protected by encryption and access restrictions

Backups follow secure retention and deletion protocols.

7. Monitoring & Threat Protection

We actively monitor for:

  • Suspicious login attempts

  • Unauthorised access

  • Malware or malicious activity

  • Abnormal website performance

Our systems employ automated safeguards designed to detect and prevent common threats such as:

  • Brute force attacks

  • Injection attempts

  • Cross-site scripting (XSS)

  • Distributed denial-of-service (DDoS) patterns

8. Third-Party Vendors & Security

Before partnering with third-party providers, we assess:

  • Security certifications

  • Data-handling protocols

  • Regulatory compliance

  • Privacy safeguards

  • Access restrictions

We work only with vendors who meet the security standards required under UK GDPR.

9. Incident Response

While we take extensive precautions, no system is entirely immune to risk. In the event of a security incident:

  • We act promptly to contain and investigate the issue

  • We notify affected customers in accordance with legal requirements

  • We document the incident

  • We implement corrective measures

  • We review and strengthen protections to prevent recurrence

Our priority is customer protection and transparency.

10. Customer Responsibilities

You also play a role in maintaining secure interactions with our website by:

  • Using strong, unique passwords

  • Keeping login details confidential

  • Logging out of accounts when using shared devices

  • Not sharing sensitive information via unsecure channels

If you suspect unusual activity on your account, contact us immediately.

11. Continuous Improvement

Security is an ongoing process. As Yubotanics expands, we will continue to:

  • Review and update security practices

  • Introduce new security tools and technologies

  • Train internal teams on emerging threats

  • Update this Security Statement annually or as needed

12. Contact Us

For questions or concerns about security, contact:

Email: support@yubotanics.com
We typically reply within 24–48 working hours.