Why and How Your Data is Safe
Protecting your data is our number one priority; so we made sure every step of our app’s process is secure. We know how important privacy and security is to you because it is to us as well. When we set out to make this app, we asked ourselves what we would be comfortable with in terms of privacy. Then we scaled it back even further. And we were already downright obsessive to begin with. Now we have a powerfully safe platform; one that even the most paranoid among us could be comfortable with using and recommending.
Sensitive data is highly regulated in the United States, and Gun Transfer complies with all the laws and regulations out there; not to mention we hold all the required certifications. All our partners do as well, so there isn’t a weak link to be had anywhere in our system.
The Simple Overview
For starters, we designed a data architecture that keeps your records safe. It separates the personal, sensitive data from everything else, effectively putting that data on an island. Or in our case, a different server entirely. Another way to think of it would be if you wrote a list of guns, put it in a bottle and threw it in the ocean. If someone found that list, they wouldn’t know the purpose of it, or, more importantly, to whom it belonged. This is how Gun Transfer handles your information. We have separate servers for personal information like background checks and identity verifications, so your data isn’t connected with things like your payment information or gun transfers.
We don’t stop there though, because we don’t want your data accessed in the first place—even if it is separate from your identifying information. All of that sensitive data is secured behind firewalls and passwords, hiding the fact that it was ever there. Additionally, controlled access points prevent anyone from finding the information, and then encryption scrambles it. Essentially, that list in the ocean becomes nearly impossible to discover, and unintelligible to anyone who does happen to miraculously find it. Then on top of everything else, we constantly monitor things to make sure no one is looking for the data in the first place.
If that seems like overkill… well, good. Because that’s kind of what we were going for. It wasn’t enough for us to meet all the required standards, but of course, we do that too.
The Legal Regulations We Follow, or the More Technological Answer
Basic user account information is the only personal data stored on our servers. Sensitive data, like your social security number, goes directly to our data partners who are licensed in running background checks. They run identity checks for a multitude of reasons, among them being employment screenings, rental agreements, and more. These partners cannot distinguish between someone needing a background check in order to coach a youth sports team or those applications coming from people transferring a gun.
Identity verification and running background data falls under the Fair Credit Reporting Act (FCRA) and is designed to protect the accuracy, fairness and privacy of consumer information. It maintains strict standards for data management, protecting the information entrusted to those partners. Additionally, they store and purge that data regularly, in accordance to the law and EI3PA certification.
When it comes to handling Sensitive Personally Identifiable Information (SPII), Gun Transfer errs on the side of caution. We never store your sensitive financial information. We transfer the data to our reputable partners who comply with all the PCI Data Security Standards (PCI DSS) and PA DSS. These standards are mandatory for all companies that store, process or transmit credit card data, protecting your sensitive information. Under Armor, Adidas and OpenTable all use the same partner as Gun Transfer.
By teaming up with these prestigious partners and maintaining separate servers, we ensure your data is never compromised. Tight security is not a luxury, it’s a necessity; and no one understands that better than we do. We appreciate you putting your trust in us, and we will always do the utmost we can to keep your data secure.Back to All Posts