Skip to Content

Security Policy

Security Policy

Last Updated: April 22, 2026

At IQuality, we take the security of your personal and payment information seriously. This Security Policy describes the technical and organizational measures we implement to protect your data and the responsibilities shared between us and our customers.

1. Infrastructure Security

Our website is hosted on trusted, enterprise-grade platforms. All data transmission between your browser and our website is encrypted using TLS (Transport Layer Security), indicated by the padlock icon in your browser address bar.

We do not store cardholder data on our own servers. Payment processing is handled by certified third-party payment gateways that comply with PCI DSS (Payment Card Industry Data Security Standards).

2. Access Controls

Access to customer data and business systems is restricted to authorized personnel only. We apply the principle of least privilege, meaning team members only access data necessary for their specific role. All administrative access is protected by strong passwords and, where available, multi-factor authentication (MFA).

3. Data Storage and Encryption

Sensitive data such as passwords are stored using industry-standard hashing algorithms. Payment information is tokenized and never stored in plain text. Customer order and personal data is stored securely within our ERP system with role-based access controls.

4. Third-Party Services

We use reputable third-party services including payment processors, shipping providers, and analytics tools. Each third party is selected based on their security practices and compliance with applicable regulations. We do not sell your data to third parties.

5. Vulnerability Management

We regularly monitor our website and systems for vulnerabilities. Security patches and platform updates are applied promptly. We conduct periodic reviews of our security configuration and access logs.

6. Incident Response

In the event of a data security breach that affects your personal data, we will:

•       Notify affected customers within 72 hours of becoming aware of the breach, or as required by applicable law

•       Describe the nature of the breach, what data was involved, and the steps we have taken

•       Provide guidance on steps you can take to protect yourself

•       Report the breach to relevant Saudi authorities (CITC / NCA) as required by law

7. Customer Responsibilities

Your account security is a shared responsibility. We ask you to:

•       Use a strong, unique password for your IQuality account

•       Never share your login credentials with others

•       Log out of your account when using shared or public devices

•       Contact us immediately if you suspect unauthorized access to your account

•       Keep your email address up to date so we can reach you in case of a security event

8. Cookies and Tracking

Our website uses cookies to maintain session security and improve user experience. Security-related cookies are strictly necessary and cannot be disabled. For details on how we use cookies, please refer to our Privacy Policy.

9. Responsible Disclosure

If you discover a security vulnerability in our website or systems, we ask that you disclose it to us responsibly. Please email us at [email protected] with the subject line "Security Disclosure." We commit to responding within 5 business days and will not pursue legal action against good-faith security researchers.

10. Contact

For security-related concerns, please contact us:

•       Email: [email protected]

•       Website: iquality-glasses.com