Skip to main content

Payment and Security Statement

WuShu Federation

Last Updated: September 27, 2025

1. Our Security Commitment

The WuShu Federation is committed to protecting your payment information and personal data through industry-leading security practices. We employ multiple layers of security to ensure your donations are processed safely and securely.

2. PCI DSS Compliance

2.1 Payment Card Industry Standards

We comply with the Payment Card Industry Data Security Standard (PCI DSS), which includes:

  • Secure Network: Protected by firewalls and encrypted connections
  • Data Protection: Payment card data is encrypted and never stored unnecessarily
  • Vulnerability Management: Regular security updates and anti-virus protection
  • Access Control: Restricted access to payment systems with unique user IDs
  • Network Monitoring: Continuous monitoring and testing of security systems
  • Information Security: Formal security policies and procedures

2.2 PCI DSS Certification

Our payment processing partners maintain:

  • PCI DSS Level 1 Service Provider certification
  • Regular security audits and compliance assessments
  • Certified secure payment processing environments

3. Payment Processing Security

3.1 Secure Payment Processing

Payment Processor: Cardcom (cardcom.co.il)
Security Certifications: PCI DSS Level 1, ISO 27001
Encryption Standard: 256-bit SSL/TLS encryption
Tokenization: Credit card numbers replaced with secure tokens
Digital Receipts: Automatically generated for all transactions

3.2 Data Handling

  • No Storage: We do not store complete credit card information
  • Tokenization: Sensitive data replaced with secure tokens
  • Encryption: All payment data encrypted in transit and at rest
  • Access Control: Limited access to payment systems on need-to-know basis

3.3 Payment Methods Accepted

Secure Payment Options:

  • Visa and MasterCard credit/debit cards
  • Israel-specific payment methods (Isracard, Leumi Card)
  • Bank transfers through secure banking systems
  • Digital wallets (PayPal, Apple Pay, Google Pay) via Cardcom

4. Website Security Measures

4.1 Technical Security

  • SSL/TLS Encryption: All pages secured with 256-bit encryption
  • HTTPS Protocol: Secure connection for all website communications
  • Security Headers: Content Security Policy and other protective headers
  • Regular Updates: Frequent security patches and system updates

4.2 Infrastructure Security

  • Hosting Security: Secure hosting environment with 24/7 monitoring
  • Backup Systems: Regular encrypted backups stored securely
  • Intrusion Detection: Advanced monitoring for suspicious activities
  • DDoS Protection: Protection against distributed denial of service attacks

5. Data Protection and Privacy

5.1 Personal Data Security

In accordance with Israeli Privacy Protection Law and GDPR:

  • Personal data encrypted both in transit and at rest
  • Access controls limit data access to authorized personnel only
  • Regular security audits and vulnerability assessments
  • Data breach response procedures in place

5.2 Data Minimization

We collect and process only the minimum data necessary for:

  • Processing your donation
  • Providing tax receipts through Cardcom's automated system
  • Communicating about our programs (with your consent)
  • Legal and regulatory compliance

6. Third-Party Security

6.1 Service Provider Security

All third-party services we use meet strict security requirements:

Payment Processors (Cardcom):

  • PCI DSS Level 1 compliance
  • Regular security certifications
  • Contractual data protection obligations
  • Israeli-based secure processing

Analytics and Support Services:

  • Privacy-compliant data processing
  • Appropriate technical and organizational measures
  • Data processing agreements in place

7. Your Security Responsibilities

7.1 Protecting Your Information

To help keep your information secure:

  • Use strong, unique passwords for any account created
  • Log out completely when using shared computers
  • Never share login credentials with others
  • Report suspicious activity immediately

7.2 Safe Browsing Practices

  • Verify you're on our official website (look for HTTPS and correct URL)
  • Use updated browsers with current security features
  • Be cautious when using public Wi-Fi for donations
  • Keep your devices updated with latest security patches

8. Fraud Prevention

8.1 Fraud Detection

We employ multiple fraud prevention measures:

  • Real-time transaction monitoring through Cardcom
  • Address and CVV verification
  • Suspicious activity detection algorithms
  • Manual review of flagged transactions

8.2 Disputed Charges

If you notice unauthorized charges:

  1. Contact us immediately at This email address is being protected from spambots. You need JavaScript enabled to view it.
  2. Contact your credit card company or bank
  3. We will investigate all disputed charges promptly
  4. Cooperation with law enforcement as appropriate

9. Incident Response

9.1 Security Incident Procedures

In the event of a security incident:

  • Immediate assessment and containment
  • Notification to relevant authorities as required by law
  • Communication to affected individuals within legal timeframes
  • Post-incident analysis and improvements

9.2 Breach Notification

As required by Israeli law and GDPR:

  • Authority notification within 72 hours (where required)
  • Individual notification without undue delay (where high risk)
  • Clear communication about the incident and recommended actions

10. Compliance and Certifications

10.1 Legal Compliance

Our security practices comply with:

  • Israeli Laws: Privacy Protection Law, Data Security Regulations
  • International Standards: GDPR, PCI DSS, ISO 27001
  • Industry Best Practices: NIST Cybersecurity Framework

10.2 Regular Audits

We conduct:

  • Annual PCI DSS compliance assessments
  • Regular penetration testing
  • Quarterly vulnerability scans
  • Ongoing security training for staff

11. Secure Communication

11.1 Official Channels

Secure Communication Methods:

  • Website contact form (encrypted)
  • Official email addresses: @supportisraelwushu.com
  • Primary email: This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Phone: +972-89491544

11.2 Verification

We will never:

  • Ask for sensitive information via unsolicited email
  • Request password or payment information by phone
  • Ask you to verify information through suspicious links

12. International Security Considerations

12.1 Cross-Border Security

For international donors:

  • All international transfers use secure, encrypted channels
  • Compliance with both local and Israeli security requirements
  • Additional verification may be required for large international donations (over 5,000 NIS)

12.2 Currency and Exchange

  • Exchange rates calculated securely at time of transaction through Cardcom
  • No storage of international banking details
  • Secure processing through certified international payment networks

13. Security Updates and Improvements

13.1 Continuous Improvement

We regularly:

  • Update security technologies and practices
  • Monitor emerging threats and vulnerabilities
  • Participate in security industry forums and training
  • Implement new security measures as they become available

13.2 Technology Updates

  • Regular security patch management
  • Monitoring of security advisories
  • Proactive security enhancements
  • Investment in new security technologies

14. Contact Security Team

14.1 Security Concerns

For security-related issues or questions:

Security Team Email: This email address is being protected from spambots. You need JavaScript enabled to view it.
Phone: +972-89491544
Business Hours: Sunday-Thursday, 9:00 AM - 4:00 PM Israel Time (Email support preferred)

Security Officer: Mr. Alexander Frenkel
Email: This email address is being protected from spambots. You need JavaScript enabled to view it.

14.2 Reporting Vulnerabilities

If you discover a security vulnerability:

  • Report immediately to This email address is being protected from spambots. You need JavaScript enabled to view it.
  • Include detailed information about the issue
  • We will acknowledge receipt within 24 hours
  • Responsible disclosure practices followed

15. Additional Resources

15.1 Security Information

15.2 Mailing Address

WuShu Federation
P.O.B. 1967
Rehovot 7611601, Israel

This Payment and Security Statement was last updated on September 27, 2025. We reserve the right to update our security practices as technology and threats evolve.