Last updated: September 11, 2025

At Cosmotify, we take security seriously and work to protect your information and purchases. While no system can be guaranteed perfectly secure, our checkout and store are designed with layered safeguards and industry-recognized practices.

1) Secure checkout (HTTPS + PCI)

• Encrypted in transit: Our site uses HTTPS (TLS) to help protect data as it moves between your browser and our servers.
• PCI DSS–compliant checkout: Our checkout is powered by Shopify Payments, which is designed to meet PCI DSS requirements for handling card data.
• We don't store full card details: Card numbers and CVV/CVC are processed by our payment providers; we do not keep full card numbers or CVV/CVC on Cosmotify systems.
• Tokenization: Where supported, payment details are replaced with tokens so recurring operations (e.g., refunds) can be completed without exposing raw card data.

Payment methods supported: Visa, Mastercard, American Express, Discover, Union Pay, ELO, JCB, Diners Club, PayPal Shop Pay, Apple Pay, Google Pay. See Terms of Service for additional conditions.

2) Fraud prevention & order verification

• Automated risk screening: Orders may be checked for signals of fraud (address verification, IP/payment consistency, unusual activity).
• Manual verification: If an order is flagged as high-risk, we may contact you to confirm details or cancel and refund the order if we can't verify it.
• Signature on delivery (optional): Not required by default. If you want signature confirmation, contact us after ordering—we'll add it at no extra cost.
• No exchanges: For your protection, we don't do item-for-item exchanges. Please return and reorder. See Refund Policy.

3) Recognizing legitimate communication (avoid phishing)

We will never ask you to share your full card number, CVV/CVC, or your account password by email, SMS, or chat.

• Official domains/emails: Orders and support come from cosmotify.com and emails like hi@cosmotify.com.
• Red flags: Urgent payment demands, requests to pay off-site, attachments from unknown senders, or links that don't go to cosmotify.com.
• If in doubt: Do not click links or download files. Forward the message to hi@cosmotify.com and we'll confirm.

4) Wallets & platform controls

• Apple Pay / Google Pay / Shop Pay: These wallets use their own security features (e.g., device-level protections and tokenization). Your full card number is not shared with us when you pay via these wallets.
• Device & browser settings: Keep your browser/device updated and consider built-in security features (e.g., biometric unlock, OS passcodes, anti-malware).

5) Chargebacks, unauthorized use & disputes

• If you see an unfamiliar charge: Contact your bank or card issuer immediately and then email us at hi@cosmotify.com with your order number (if any).
• Stolen cards / identity theft: Please notify your issuer first; we'll cooperate with their investigation and provide order records where appropriate.

6) Your part in staying safe

• Use unique credentials: Don't reuse passwords across sites.
• Protect access codes: If your email provides one-time codes for login/verification, don't share them.
• Review statements: Check your card/bank statements and order emails regularly.
• Secure networks: Avoid entering payment information on public/shared computers or untrusted Wi-Fi.

7) Privacy, data use & retention

• Minimal payment data on our side: We do not store your full card number or CVV/CVC.
• Order records: We retain order information (e.g., items purchased, amounts, timestamps) as required for operations, accounting, tax, and legal compliance.
• Your rights: For data access/deletion/correction and "Do Not Sell or Share" options (CPRA), see our Privacy Policy , Your Privacy Choices and Do Not Sell or Share My Personal Information.

8) Vulnerability reporting (responsible disclosure)

If you believe you've found a security issue affecting Cosmotify or our customers, please email hi@cosmotify.com with a clear description and steps to reproduce. Do not publicly disclose before we've had a reasonable chance to investigate and address the issue.

9) Updates to this page

Security practices evolve. We may update this page to reflect changes in technology, standards, or our processes. The "Last updated" date above shows the latest version.