Keeping BikeBuy secure is a shared responsibility. This Security Policy explains the measures we take to protect the platform and your information, and the steps you can take to keep your account and transactions safe.
1. Our security responsibilities
We take appropriate, reasonable measures to protect the Website and your information, including:
- serving the Website over encrypted connections (HTTPS/TLS);
- hosting on reputable, access-controlled infrastructure;
- storing passwords using strong one-way hashing — we never store them in plain text;
- restricting employee and contractor access to personal information on a need-to-know basis;
- maintaining backups and logging to detect and recover from incidents; and
- reviewing and improving our security practices over time.
2. Our disclaimers
No method of transmission or storage is completely secure. While we work hard to protect your information, we cannot guarantee absolute security, and we are not responsible for the security practices of third parties (including other users, payment providers, and external websites) or for compromises arising from factors outside our reasonable control, such as malware on your own device. Nothing in this policy limits any liability that cannot lawfully be limited.
3. Your security responsibilities
To help keep your account safe, you should:
- keep your device's operating system, browser and security software up to date, and run regular malware scans;
- only access BikeBuy from devices and networks you trust;
- be alert to scams — be cautious of deals that seem too good to be true, requests to pay outside recommended methods, or pressure to act quickly; and
- always log out when using a shared or public device.
4. Protecting your password
- Choose a strong, unique password that you do not reuse on other sites.
- Never share your password, and remember that we will never ask you for it by email, phone or message.
- Change your password immediately, and contact us, if you suspect it has been compromised.
5. Safe transactions
Many marketplace transactions happen directly between buyers and sellers. To stay safe, verify the other party and the item before paying, meet in a safe public place, inspect items in person where possible, and avoid payment methods that offer no recourse. BikeBuy is not a party to transactions between users — see our Terms of Service.
6. Payments and card information
Payments for paid Services are handled by reputable third-party payment providers over encrypted connections. We do not store your full card details on our systems. Your use of a payment provider is subject to that provider's terms and security practices, which are designed to meet recognised standards such as PCI-DSS.
7. Look for a secure connection
Before entering sensitive information, check that the page address begins with https:// and shows bike-buy.co.za as the domain. If anything looks unusual, do not proceed and contact us.
8. Phishing and fraud
Be wary of emails, messages or websites that impersonate BikeBuy and ask for your login details, payment information or personal data. We will never ask you to confirm your password or full card number by email or message. If you receive a suspicious communication that appears to come from us, do not click any links — report it to [email protected].
9. Reporting a vulnerability
We welcome reports from security researchers. If you believe you have found a security vulnerability, please report it responsibly to [email protected] and give us a reasonable opportunity to address it before any public disclosure. Please do not access or modify other users' data, degrade the Service, or use the vulnerability beyond what is necessary to demonstrate it.
10. Our right to act
We may take any steps we reasonably consider necessary to protect the Website, its users and their information — including suspending accounts, blocking access, requiring password resets, and notifying affected users and the authorities where appropriate.
11. Contact us
For security concerns, contact [email protected]. For other matters, see our Privacy Policy and Terms of Service.