01

Practices

At Chhimphei WPPCL, we implement industry-leading security measures to ensure your data remains protected at all times. Our comprehensive approach to security encompasses multiple layers of protection and continuous monitoring.

Core Security Principles

We follow the principle of least privilege, ensuring that systems and users only have access to the resources they absolutely need.

Our security practices include:

  • Least-privilege access for internal tools
  • Regular dependency updates and vulnerability scanning
  • Encrypted transport (HTTPS)

We continuously monitor our infrastructure for potential threats and apply security patches promptly to maintain the highest level of protection for your data.

02

Payments

Your financial security is paramount to us. We've designed our payment systems with multiple safeguards to protect your sensitive information throughout every transaction.

Payment Security

We never store full card details on our servers. All payment processing is handled by compliant third-party providers.

Cash-on-delivery by default; any online processing is handled by compliant providers. We don't store full card details.

For online transactions, we partner with PCI-DSS compliant payment processors who specialize in secure payment handling. This means your card information is encrypted and processed through secure channels that meet the highest industry standards.

Our cash-on-delivery option provides an additional layer of security for customers who prefer not to share payment information online, giving you complete control over how and when you make your payment.

03

Responsible Disclosure

We take security vulnerabilities seriously and appreciate the efforts of security researchers and ethical hackers who help us maintain a secure platform. If you discover a potential security issue, we encourage you to report it responsibly.

How to Report

Report vulnerabilities to security@chhimphei.local. Please include steps to reproduce.

When reporting a vulnerability, please include:

  • A detailed description of the vulnerability
  • Steps to reproduce the issue
  • Potential impact of the vulnerability
  • Any proof-of-concept code (if applicable)
  • Your contact information for follow-up

We commit to acknowledging your report within 48 hours and will work diligently to address valid security concerns. We ask that you give us reasonable time to investigate and resolve the issue before public disclosure.

Please refrain from accessing or modifying user data, executing denial-of-service attacks, or engaging in any activity that could harm our users or services during your security research.

Questions About Security?

security@chhimphei.local

Contact Us