Encryption of sensitive data and communication 

All card numbers are encrypted at rest with AES-256. Decryption keys are stored on separate machines. None of our pay,ent processor’s internal servers and daemons can obtain plaintext card numbers but can request that cards are sent to a service provider on a static allow list. The processor’s infrastructure for storing, decrypting, and transmitting card numbers runs in a separate hosting environment, and doesn’t share any credentials with their primary services (API, website, etc.)

• We do not keep customer credit card information on file.

• We do not share customer information.

• We do not sell customer information.

• All credit card transactions are encrypted. 

• When our customers create their personal account with HK HAUS they provide their name, address, telephone number, and email address, this is the only personal information retained by HK HAUS.

• All credit card transactions are done through Authorize.net.

• Authorize.net has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry.