Security Information
We appreciate that your security concerns are of the utmost importance. This page outlines our internet security and how you can check that we encrypt and protect the security of your personal details and credit card information during and after ordering.
Our whole website (including the online checkout process) is encrypted using TLS 1.3 (Transport Layer Security). Our security SSL/TLS certificate (provided by Let’s Encrypt) is 2048bits which is proven to be secure for online shopping and e-commerce. This encryption method is actually more secure than providing your credit card number over the phone, something many of us do without hesitation.
There are several indicators of a secure web page. The first is the https:// prefix on the URL. If this is present it indicates that the connection is secure and encrypted. The URL is visible in the address bar at the top of your browser. The second indicator of a secure page depends on your browser. Most modern browsers (including Firefox, Edge, Safari and Chrome) display a small padlock or key in the top left corner of your screen. When this is closed or highlighted, the page is secure.
In addition to our website being encrypted by TLS 1.3, all credit card transactions are completed and secured by Windcave. At no stage do we or Windcave have access to, or keep any record of your payment information (including credit card details) at any stage during the transaction process. Windcave are PCI DSS compliant, Visa AIS and MasterCard SDP compliant, they use bank grade Infrastructure and all sensitive information is encrypted with the 3DES protocol, using financial Hardware Security Modules. For Windcave’s full security details and credentials please click here.
How we protect your online identity
We take every precaution to protect our users’ information. When users submit sensitive information via our website, their information is protected both online and off-line.
Whilst we use TLS 1.3 encryption to protect sensitive information online, we also do everything in our power to protect user information off-line. All user information is restricted in our offices. Only employees who need the information to perform a specific job (for example, our billing clerk or a customer service representative) are granted access to personally identifiable information. Employees are tracked as they must enter their password to gain access to user information.
For more information about our security practices, please contact us here.