The COVID-19 restrictions implemented during the pandemic significantly altered people's shopping habits, replacing traditional visits to supermarkets with online shopping. Even as the pandemic subsides, many people still prefer to purchase most of their necessities on the internet. While online shopping offers undeniable convenience, it also carries significant risks that individuals without specialized knowledge may not be aware of. In this guide, we will explain what you should consider to ensure the safety of your online shopping experience.

Step one, or “looks matter this time”

  • The presence and visibility of cookie banners. Even if you are someone for whom cookies are not important, a company's careful use of this tool is a good indication that they will also handle other aspects of data protection with equal care.
  • Aspects such as website design, language used, and technical solutions employed should align with the products offered. It's unlikely that a website with grammar errors on its homepage or one that uses a free website template will be a trustworthy consultant, particularly in areas like financial investments. In such cases, it's also unlikely that the website creator will handle your personal data carefully and honestly if you decide to register on the site.
  • Another aspect to consider is quality seals, such as Norton Secured or TrustArc, or any other similar solution. You should not only ensure that such a quality seal is indicated on the website but also verify whether it has been genuinely issued to that specific website or service provider. If it's claimed that such a quality seal has been received but turns out to be false, it's a clear sign that the website cannot be trusted. Remember that the quality seal itself does not guarantee secure data processing, but it is one of the elements that can help assess how seriously a company takes data security.
  • Pay attention to the website's name! Fraudulent trading platforms are often created using the design of a well-known company's website, with only minor changes in the company's name.
  • It's important to focus on the reputation of specific sellers, even when shopping on a marketplace platforms. If you see that a particular seller has a poor rating, it's essential to investigate the reasons behind this low rating, such as reading reviews from other buyers, and so on.
  • Also, take note of whether the website (service provider) has its customer support service, its availability (e.g., whether it's available in the Latvian language, whether the consultation phone is toll-free, etc.), and how the quality of customer support service is rated by other customers.
  • Check if secure payment methods are available, such as credit or debit cards and services from reputable e-money institutions. These services often include buyer protection. If payment for a product or service can only be made through cryptocurrency transfers, it's advisable to carefully evaluate other security aspects.

Step two, or “protect yourself, then the Inspectorate will be able to protect you too”

Please note that the primary document to gain insight into what a company or website plans to do with personal data is the privacy policy. 

Particular attention should be given to whether the privacy policy provides complete, understandable, and easily accessible information. The use of a high-quality and comprehensible privacy policy demonstrates the company's commitment to the protection of personal data. A clear understanding of data processing processes within the company should also be provided by a comprehensible privacy policy – including what data will be used for what purposes. After reading the privacy policy, the customer can make an informed decision about whether the security level offered by the company is acceptable to them

Step three, or “absolute security cannot be guaranteed but can be sought upon”

Although integrity and confidentiality issues may appear to be something that only a cybersecurity expert can assess, the solutions used on websites are easily visible and understandable even to users without specific knowledge in this field.

Pay attention to:

  • Whether the website uses HTTPS compatibility (the website address in the browser's address bar does not start with http but with https). For a website to use HTTPS, it must obtain an SSL/TLS certificate from a trusted certification authority, which certifies that the website server is secure. This certificate is then used to establish an encrypted connection between the client and the server. Thus, HTTPS ensures data privacy and security online.
  • Whether the website requests the installation of any applications on your device without a clear purpose. It's a red flag if your antivirus program considers these applications as harmful. Under no circumstances should you disable your antivirus to install such applications. Much depends on us!
  • Remember, the longer the password, the better! If the service provider offers two-factor or multi-factor authentication, we recommend using it! Although it may be a slightly inconvenient solution, it provides additional security

Step four, or “faster and more convenient, is not always better”

Shopping online and using social media for authorization is convenient and quick; however, it's essential to keep in mind the risks associated with your security and privacy. For instance, if someone gains access to your social media account and changes the password, they will not only have control over that account but also your customer account on an online store. Consequently, a fraudster can make purchases or perform other actions in your name and at your expense, causing harm to both you and the online store

Additionally, the option to register with a social media account reduces the number of websites where you need to create unique usernames and passwords, essentially meaning that you use the same password in multiple places. If someone manages to discover it, they will have access to several of your online services. 

Step five, or “common sense must be called upon

Always pay attention to whether the company treats you with respect and honesty. Whether it fulfills the promises stated in its privacy policy regarding data processing, including whether it requests data that the company cannot justify.

Before making a payment for an order, take a second look to ensure that services or products you do not wish to purchase have not appeared in your cart and that there are no hidden fees added to the invoice.