Security Capabilities Statement
Last updated: October 7, 2025
At Garac Business Group LLC, your privacy, security, and trust are our top priorities.
We take extensive measures to ensure that all information shared through our website https://strahinjaergarac.com is protected from unauthorized access, misuse, or disclosure.
Even though our primary business involves creative and production services rather than direct e-commerce transactions, we apply the same level of security as leading global digital service providers.
1. Website Security
- Our website uses Secure Sockets Layer (SSL) encryption (HTTPS) on all pages, ensuring that any data transmitted between your browser and our server remains private and secure.
- We continuously monitor the site for potential vulnerabilities, malware, and unauthorized access attempts.
- Hosting is provided through reputable, security-certified providers that comply with ISO 27001 and GDPR standards.
- Administrative access is strictly limited to authorized personnel only, protected with multi-factor authentication (MFA) and activity logging.
2. Payment Security
If payments are made through our website or via digital invoices, they are processed exclusively using trusted, PCI DSS-compliant payment gateways such as:
- Stripe,
- PayPal,
- Wise, or
- other globally recognized processors.
These platforms handle all payment data securely — Garac Business Group LLC never stores or has direct access to your credit card or banking information.
All transactions are protected with end-to-end encryption and tokenization technology to prevent unauthorized use or interception of sensitive data.
3. Data Protection Practices
We handle all personal and payment information according to our Privacy Policy and applicable privacy regulations, including:
- General Data Protection Regulation (GDPR) (EU)
- California Consumer Privacy Act (CCPA) (US)
Collected data is used strictly for order processing, project communication, and lawful business purposes.
We do not sell, rent, or share your information with any third parties for marketing purposes.
4. Secure Communication
When sharing project files, contracts, or invoices, we use encrypted communication channels such as:
- Verified email addresses ending with @strahinjaergarac.com
- Secure document delivery through trusted cloud systems (Google Workspace, Dropbox, Frame.io, or Adobe Cloud)
- Optional password-protected file links for sensitive materials.
We strongly advise clients to verify sender addresses and never share payment details over unsecured channels (such as public chats or unverified links).
5. Incident Response and Risk Management
Garac Business Group LLC maintains an internal data breach response plan.
In the unlikely event of a security breach affecting personal or payment data, we will:
- Notify affected individuals and relevant authorities without undue delay,
- Investigate and remediate the issue promptly, and
- Implement improved safeguards to prevent recurrence.
6. Responsibility and Client Awareness
While we implement best-practice security protocols, online safety is a shared responsibility.
Clients are encouraged to:
- Use strong, unique passwords for online accounts.
- Avoid public Wi-Fi when making payments or sharing sensitive information.
- Contact us directly if any suspicious emails or payment requests appear to come from our Company.
We never request payment or confidential information via personal messaging apps or unofficial domains.
7. Continuous Improvement
We regularly review and update our security infrastructure to align with evolving industry standards, including ISO 27001, PCI DSS, and NIST frameworks.
As part of our commitment to transparency and client trust, all new systems, plugins, and payment solutions undergo a security and compliance review before implementation.
8. Contact Us
If you have any questions or concerns regarding our security practices or payment processes, please contact:
Garac Business Group LLC
Email: [email protected]
Address: 30 N Gould St Ste R, Sheridan, WY 82801, USA