Booking Terms and Policy

Thank you for choosing Wet Feet for Stand Up Paddle Activities! We are located 1221 Kona Street, Honolulu, Hawaii 96814. This is where we keep our Federal and Hawaii State business licenses. Being a Hawaii business we pay Hawaii General Excise Taxes which are included in our prices. All proceeds from lessons are donations which go to the Stand Up Paddle Association of Hawaii, a 501(c)(3) non-profit organization, whose mission is to promote SUP training, racing and youth development. Our customer sevice number is (808) 373-SURF (7873) and our email address is wetfeet@hawaii.rr.com

***********************************************************************************************************************************

SPORT PARTICIPANT RELEASE OF LIABILITY, WAIVER OF CLAIMS, EXPRESS ASSUMPTION OF RISK AND INDEMNITY AGREEMENT

Please read and be certain you understand the implications of agreeing to this Express Assumption of Risk Associated with Sport, Venue Use and Related Activities. By signing up and paying for any activities or services on this website you are agreeting to the terms and conditions below:

As a participant I and those in my party do hereby affirm and acknowledge that I have been fully informed of the inherent hazards and risks associated with Wet Feet LLC, the activities or sporting events being provided or organized by Wet Feet LLC, transportation of equipment related to the activities, and travelling to and from activity sites in which I am about to engage. Inherent hazards and risks include but are not limited to:

1. Risk of injury from the activity and equipment utilized is significant including the potential for broken bones, severe injuries to the head, neck, and back or other bodily injuries that my result in permanent disability and death.

2. Possible equipment failure and/or malfunction or misuse of my own or others’ equipment.

3. I AGREE THAT I WILL WEAR APPROVED PROTECTIVE GEAR AS DECREED BY THE GOVERNING BODYOF THE SPORT I AM PARTICIPATING IN. However, protective gear cannot guarantee the participant’s safety. I further agree that no helmet can protect the wearer against all potential head injuries or prevent injury to the wearer’s face, neck or spinal cord.

4. Variation and/or steepness of terrain, variation or changes in surfaces including but not limited to beach and ocean surfaces, rocks, stumps, debris, cliffs, trees, fences, posts, trees, light poles, signs, buildings, roads, walkways, ramps, rails, stairs, other persons, and other natural and man-made hazards.

5. My own negligence and/or the negligence of others, including but not limited to operator error and guide decision making including misjudging the ocean, surf, tides, currents, terrain, weather, riding surfaces or other obstacles.

6. Exposure to the elements and temperature extremes may result if heat exhaustion, heat stroke, sunburn, hypothermia and dehydration.

7. Dangers associated with exposure to natural elements include but are not limited to surf, currents, tides, inclement weather, thunder and lighting, severe and or varied wind, temperature and other weather conditions.

8. Accidents or illness occurring in remote places where there are no available medical facilities.

9. Fatigue, exhaustion, chill, and/or dizziness, which may diminish my/our reaction time and increase the risk of accident.

10. Impact or collision with other athletes, spectators, facility employees, pedestrians, motor vehicles, and boats.

*I understand the description of these risks is not complete and unknown or unanticipated risks may result in injury, illness, or death.

 Release of Liability, Waiver of Claims and Indemnity Agreement

 In consideration for being permitted to participate in the above described activity(ies) and related activities, I herebyagree, acknowledge and appreciate that:

1. I HEREBY RELEASE AND HOLD HARMLESS WITH RESPECT TO ANY AND ALL INJURY, DISABILITY, DEATH, or loss or damage to person or property, WHETHER CAUSED BY NEGLIGENCE OR OTHERWISE, the following named persons or entities, herein referred to as releasees: Wet Feet LLC, 540 Ward Avenue, Honolulu, Hawaii  96814, 808-737-7873.

2. To release the releasees, their officers, directors, employees, representatives, agents, and volunteers from liability and responsibility whatsoever and for any claims or causes of action that I, my estate, heirs, survivors, executors, or assigns may have for personal injury, property damage, or wrongful death arising from the above activities whether caused by active or passive negligence of the releasees or otherwise. By executing this document, I agree to hold the releasees harmless and indemnify them in conjunction with any injury, disability, death, or loss or damage to person or property that may occur as a result of my engaging in the above activities.

3. By entering into this Agreement, I am not relying on any oral or written representation or statements made by the releasees, other than what is set forth in this Agreement.

4. This agreement shall apply to any and all injury, disability, death, or loss or damage to person or property occurring at any time after the execution of this agreement.

This release shall be binding to the fullest extent permitted by law. If any provision of this release is found to be unenforceable, the remaining terms shall be enforceable.

I HAVE READ THIS RELEASE OF LIABILITY AND ASSUMPTION OF RISK AGREEMENT, I FULLY UNDERSTAND ITS TERMS, I UNDERSTAND THAT I HAVE GIVEN UP LEGAL RIGHTS BY AGREEING TO IT, AND I AGREE TO IT FREELY AND VOLUNTARILY WITHOUT ANY INDUCEMENT.

********************************************************************************************************************

OTHER WET FEET POLICIES:

FARES AND PRICES

All fares and prices quoted are subject to availability. Prices are in US dollars. Prices are subject to change until full payment is received and voucher(s) are issued.

DEPARTURE POINT 

Please be present 10 minutes before departure to the staff at the departure point of your activity. The location of the departure point can be found in the description of the activity and is stated on your booking confirmation. We can not be held responsible for clients showing up late for their activity. Call us the day before your lesson at (808) 373-SURF to reconfirm as lessons are sometimes weather dependent.

AVAILABILITY

The products and services sold through this site are subject to availability and can be withdrawn without notice until booked. The activity is confirmed when full payment is received.

IMPORTANT

We request that you carefully check the dates on your voucher and contact us immediately if these are not correct.

CANCELLATION AND REFUND POLICY

* Cancellation 48 hours prior to departure date: 5% administration fee.
* Cancellation less than 48 hours prior to departure date and time or no-show : 50% of the total amount.

PRIVACY POLICY

Your privacy is our highest priority. We promise not to sell or release any information about you to any third party, ever! When you purchase activities from us, we automatically place you on our mailing list to receive e-mails about special offers, new products or new features on our website. If you do not wish to receive these e-mails, simply send an email to wetfeet@hawaii.rr.com and type "remove" in the subject title or reply to any of our emails in a similar manner. 

SECURITY POLICY

Wet Feet is committed to meeting the Data Security Standard of the Payment Card Industry Council. To that end, we have adopted the following security policies. This policy states requirements for the protection of such sensitive data according to the PCI Data Security Standard (Version 1.2 is current upon publication date of this policy).

This policy applies to all employees of Wet Feet and to all others given use of, or having access to, sensitive data.

This policy applies to sensitive data stored, processed and transmitted within or among any and all Wet Feet information systems, whether individually controlled or shared, stand-alone or networked, and all computer systems and communication facilities owned, leased and operated by or on behalf of Wet Feet . This includes, at minimum, networking devices, mainframes, workstations, personal computers, smart phones, telephones, wireless devices and any associated peripheral equipment and software.

Our Buildings Restrict Physical Access to Cardholder Data:

Physical access to all credit-card data are restricted, using appropriate building access controls to limit and monitor physical access to restricted credit card data. Required measures include:

-Individual codes for each employee to disarm builiding security system;
Storage of access log data for at least three months;
-Restricted access to publicly accessible computer network access points, including wireless access points;
-Visitors are not allowed to enter areas where credit-card data is handled or stored;
-Secure destruction of media containing credit-card data:
-Paper: cross-cut shred, incinerate or pulp;
-Electronic media: securely overwrite data, degauss, shred or otherwise completely destroy

Wet Feet maintains a variety of documents in the course of conducting daily business. Some of these documents may contain sensitive data or references to information that could provide access to sensitive data. Access to these documents is explicitly restricted to a need-to-know basis, and all unauthorized access or sharing of restricted information may be met with disciplinary and/or legal action.

Wet Feet Installed and Maintains a Firewall Configuration to Protect Data:

-Uses a firewall at each Internet connection point on the company network.
-Documents a firewall configuration that denies all traffic from nontrusted networks and hosts, except for those protocols necessary for the secure transmission of credit-card data.
-Maintains a list of network services and ports required for business purposes.
-Maintains a network diagram with all connections to credit-card-related data, including a diagram for any wireless networks.
-Lists justifications for any open protocols aside from hypertext transfer protocol (HTTP), secure sockets layer (SSL), secure shell (SSH) and virtual private network (VPN).
-Maintains documentation that justifies any open firewall ports that could be considered a risk to network security.
-Maintains a router-configuration diagram that demonstrates restricted access between public networks and any company computer system that stores credit-card data.
-Documents personal computer firewall requirements.
-Prohibits direct public access between external networks and any system component that stores credit card related data (for example, databases, logs and trace files).
-Documents all firewall rule sets.
-Does not use Vendor-Supplied Defaults for System Passwords and Other Security Parameters.
-Prohibits the use of vendor-supplied default settings and remove unnecessary functionality supplied by vendors and prepackaged software solutions that could create a security vulnerability.
-Always changes vendor-supplied default settings before installing a system on the company network, including passwords, simple network management protocol (SNMP) community strings and deletion of unnecessary system accounts.
-Documents standards for system builds.
-Documentsall enabled services, daemons and protocols on servers.
-Documents all security parameters enabled on each server.
-Removes any unnecessary functionality, such as features, scripts, drivers, file systems and unnecessary Web servers.
-Documents all applications installed on each company server.
-Allows only ONE primary function for each company server (example: Web servers, database servers and domain name system (DNS) services should NOT be implemented in any combination on the same server).
-Our Computers Encrypt Transmission of Cardholder Data and Sensitive Information Across Public Networks
-Transmission of credit-card data across open, public networks must be encrypted, including the use of e-mail encryption software by employees. Cryptography is to be applied as defined by the PCI DSS 1.2 Glossary.
-Maintains a documented list of URL(s) used for transactions or passing credit-card-related information.
-Encrypts all wireless traffic used for transmitting credit-card data.
-Encrypts credit-card data transmissions using WiFi protected access (WPA or WPA2) technology, IPSEC VPN, or SSL/TLS. Never use wired equivalent privacy (WEP) to protect confidentiality and access to a wireless network.
Documents any current e-mail encryption software being used by employees, if any credit-card data is to be transmitted via e-mail communications.
-Uses and Regularly Update Anti-Virus Software
-Uses anti-virus software or programs and regular anti-virus signature updates, and document this use.
-Documents current use of virus protection software;
-Documents that installed anti-virus programs can detect and protect against other forms of malicious software (malware), including spyware and adware;
-Maintains a copy of anti-virus logs and reports.
-Develops and Maintains Secure Systems and Applications
-Develops and maintain ssecure computer systems and software applications, and ensure that security measures are included for new or upgraded systems and applications.
-Restricts Access to Data to a Need-to-Know Basis
-Access to all credit-card data is restricted strictly on a need-to-know basis, limiting access to only those employees who must access the data to perform their job duties.
-Installs and maintains access controls that restrict computer user access to only those systems and resources required for performing their jobs.
-Maintains access logs that show which employees had access to what data, and when, for all computer systems.
-Assigns a Unique ID to Each Person With Computer Access
-Each person with computer access is be assigned a unique account ID with a password known only to that individual.
-Passwords change every 90 days.
-Passwords are a minimum of 7 characters, containing numeric, alphabetic and special characters.
-New passwords cannot be the same as previous passwords.
-If a user tries to log in but is unsuccessful after six attempts, that user account is be automatically locked out for 30 minutes or until a system administrator is contacted to manually unlock the account.
-Sets a computer idle lock out time of 15 minutes and require a password to gain access to the computer again.
-Maintains a list of any inactive accounts.
-Keeps a copy for six months of all employees with computer access.
-Ensures that no shared accounts and passwords exist on any computer systems.
-Tracks and Monitors all Access to Network Resources and Cardholder Data
-All access to Wet Feet network and cardholder data must be tracked and monitored for any signs of suspicious or unauthorized activity.
-Captures system logs and maintain log records for 12 months.
-Monitors system logs daily or use automated alerting mechanisms to ensure that suspicious or unauthorized activity is quickly detected.Responds swiftly to any indications of suspicious or unauthorized activity.

Wet Feet Protects Stored Data:

-Stored credit-card data are protected from unauthorized use at all times.
-Wet Feet does not allow the display of personal account numbers in full; display of the first six and/or the last four digits is permissible.
-If personal account numbers are be stored, they must be protected in one of four ways:
1.Strong encryption with secure encryption key management
2.Truncation of account number
3.Strong one-way hash
4.Use of index tokens and pads

Our Service Providers Closely manage all third-party service providers and partners to ensure that all business conducted on Wet Feet's behalf is performed to the PCI DSS requirements and standards.

All new contracts are reviewed from a security perspective to ensure that services provided by third parties will be rendered in a PCI-compliant manner.

All existing contracts are reviewed at least annually and updated as needed to ensure that third-party services continue to meet PCI requirements.

Where possible, conduct an on-site inspection of any potential new third party or partner and document the state of secure data practices.

Our Security Program Regularly Test Security Systems and Processes:

All Wet Feet systems are tested quarterly to ensure that security systems and processes are in place and performing as needed.
We develop and maintain a security-breach-response plan, and test the plan at least annually.

We perform internal and external vulnerability scans of all systems connected to the cardholder data environment, per current PCI DSS requirements.

We ensure that all credit-card data is completely destroyed (degauss disks, shred paper) once the data or the medium that the data resides upon is no longer needed for clear business purposes.

We Maintain a Policy That Addresses Information Security:

TheWet Feet information security policy is to be reviewed and updated as needed at least annually by Wet Feet management.
Wet Feet will train all new employees on data security practices to a level appropriate for their job positions.

All employees receive security awareness training at least annually, and all employees must sign this policy to indicate that the policy is understood and will be abided by.

When an employee moves to a new position within Wet Feet , a review of the employee's new role and what sensitive data access that the new role requires will be conducted. Access to sensitive data may be granted or revoked based on need-to-know basis according to the new job duties. A background check may also be required for a current employee moving from a role where no access to sensitive data was required to a role that necessitates access to sensitive data.