We take the security of our creators very seriously and work hard to ensure that your information does not fall into the wrong hands. This page describes the various security measures we take to protect against unauthorized access to your information.
Security at LunaLucky
We employ reasonable measures to help protect information from loss, theft, misuse, and unauthorized access, disclosure, alteration, and destruction:
● Vulnerability Management: We maintain a documented vulnerability management program to stress-test our systems, which includes intermittent security scans, identification, and remediation of potential internal or external vulnerabilities.
● Incident Response: We conduct table-top exercises and have protocols in place to effectively investigate, manage, respond to, and remedy incidents of unwelcome intrusion or malicious acts.
● Penetration Testing: We conduct penetration testing exercises annually to assess the robustness of our systems and processes.
● Employee Security Policies: Our employees adhere to security policies designed to keep your data safe. For example, we maintain a robust system of role-based access controls, encrypt and conceal certain types of information from employee access, authenticate and authorize only necessary access to data, and employ network protocols to ensure secure access. Employees are required to provide multiple pieces of evidence (multi-factor authentication) to verify their identity before gaining access to LunaLucky systems, and we review those permissions regularly.
● Secure Coding Practices: Our global development team implements widely accepted secure coding practices and security protocols to deter eavesdropping, tampering, hacking, and fraud, such as by encrypting or concealing data at rest and in transit.
● Physical Security: We contract with security vendors to employ accredited auditing procedures to protect against physical threats at our facilities.
Security Tips – To Do
Here are some things you can do to keep your account safe:
● Choose a Strong Password: Use a combination of at least 8-16 characters, including special characters (like !, @, or $), lower and uppercase letters, and numbers. Ensure it’s different from passwords you use elsewhere on the internet.
● Report Suspicious Activity: If you encounter fraudulent or suspicious activity, report it to us immediately.
● Sign Out: Always sign out of unused devices.
Security Tips – Not To Do
To help keep our platform safe and reduce the possibility of unauthorized access, do not:
● Share Your Password: Never give your password to someone you don’t know or trust.
● Alter Services: Do not copy, modify, or alter any parts of our services.
● Unauthorized Access: Do not attempt to access our services where you are not explicitly authorized or try to access private connections between devices or programs.
● Data Duplication: Do not store, copy, or duplicate any part of our services or other creator profiles or photos for reuse or transfer without our explicit consent and in a medium not intended as part of our services.
● Unwanted Communication: Do not spam or send any unwanted communication to any creators.
● Username Restrictions: Do not create usernames that include a web address or your primary email address.
● Malware Transmission: Do not transmit any malware to our network.
● Reverse Engineering: Do not backwards engineer or imitate our services.
● Competing Services: Do not export or access our network for the purpose of competing with or profiting from our services.
● Ethical Integrity: Do not jeopardize the ethical integrity of our services.