FAQ: What security measures are you using to protect my data?

Enjoy an active family lifestyle, without sacrificing the style. Discover stylish, unique, quality, fair trade, imaginative, useful, funky, iconic selections in our newsletter.

What security measures are you using to protect my data?

We use Secure Socket Layer (SSL) encryption technology to protect the transmission of your sensitive financial data. SSL certificates are an industry standard that serve a dual purpose: they provide a means for the encryption of communications, they also provide a framework for a trusted third party to confirm that the owners of a website are who they say they are.

Our SSL certificate supports High grade AES 256 bit encryption. You will know that SSL encryption is taking place because the URL bar in the browser will begin with 'https://' and the browser will display a lock to indicate secure communication mode. For website performance reasons, we only turn SSL encryption on when sensitive data is about to be transmitted. SSL is not used during casual browsing of the website.

We are also encrypting your sensitive financial data when it is stored in our database. We are using High grade AES 256 bit encryption to protect this data on disk. This means that even if someone were to break into our data center and steal the database hard drive, the financial data on the hard drive would be unreadable to them.

Your financial data is not stored in our database indefinitely. We store financial data for the minimum amount of time necessary to conduct business. Our current data retention policy is as follows: Your credit card number is deleted out of the website database 7 days after you place your order on the website. Your CVV2 or CID number is deleted as soon as the order is processed.

Your personal data such as your name, address and phone number are not protected in the same way as your financial data. This kind of data is the same kind that is widely publicly available in such mediums as the phone book; we do not feel that it warrants the same level of security as your financial data. Your personal data is protected by the password that is generated for you when you create your account. You are free to change your password or to delete your personal data at any time.

Your website resides on a secure server cluster. A short summary of the security precautions in place to secure these servers are as follows:

Server cluster protected by a dedicated hardware firewall
Server cluster is divided into tiered layers of network security for a 'defense in depth' strategy
Server cluster passed vulnerability scans conducted by Ambiron
TrustWave's Truskeeper compliance solution
Sensitive server software protected by file integrity monitoring
Administrative access to server cluster strictly controlled
Server cluster physically located in a data center that has passed the prestigious SAS 70 audit
Server security logs are monitored daily by a human being to look for any signs of attack.

For technical details on the methods used to secure you data, you can reference the Payment Card Industry Data Security Standard here: www.pcisecuritystandards.org

Find more answers in Security

Shop: rooms & places kids bedrooms childrens bedroom furniture decorations for kids bedrooms storage kids lighting wall art childrens bedding kids play rooms family rooms & living kitchen kitchen accessories kid's tableware and cutlery lunch bags & flasks kids bathroom in the garden garden playground equipment outdoor toys, games & activities supertramp trampolines paddling pools and swimming pools Barbeque and al fresco eating in the water at the beach activities & occasions organising & tidying kids birthday parties party tableware & supplies birthday party decorations party bag ideas childrens party games kids birthday cakes childrens personalised gifts play, toys, & games play houses outdoor play equipment creative, arts, crafts, educational lilydolls puzzles, toys and games kids bikes, trikes, scooters, pedal cars and ride-ons outdoor toys and activities traditional & educational toys creative play cooking, baking and eating sun & rain protection sun protection clothing waterproofs & wellies travel & holidays sleepovers back to school classic children's clothing Kent & Carey Girl's Clothing Kent & Carey Boy's Clothing	Fun in the garden Fair trade birthday banner Urchin Online Exclusives Latest Offers What's New Sale search Enjoy an active family lifestyle, without sacrificing the style. Discover stylish, unique, quality, fair trade, imaginative, useful, funky, iconic selections in our newsletter.
	home > Customer Service > Shopping information > Security > What security measures are you using to protect my data? What security measures are you using to protect my data? We use Secure Socket Layer (SSL) encryption technology to protect the transmission of your sensitive financial data. SSL certificates are an industry standard that serve a dual purpose: they provide a means for the encryption of communications, they also provide a framework for a trusted third party to confirm that the owners of a website are who they say they are. Our SSL certificate supports High grade AES 256 bit encryption. You will know that SSL encryption is taking place because the URL bar in the browser will begin with 'https://' and the browser will display a lock to indicate secure communication mode. For website performance reasons, we only turn SSL encryption on when sensitive data is about to be transmitted. SSL is not used during casual browsing of the website. We are also encrypting your sensitive financial data when it is stored in our database. We are using High grade AES 256 bit encryption to protect this data on disk. This means that even if someone were to break into our data center and steal the database hard drive, the financial data on the hard drive would be unreadable to them. Your financial data is not stored in our database indefinitely. We store financial data for the minimum amount of time necessary to conduct business. Our current data retention policy is as follows: Your credit card number is deleted out of the website database 7 days after you place your order on the website. Your CVV2 or CID number is deleted as soon as the order is processed. Your personal data such as your name, address and phone number are not protected in the same way as your financial data. This kind of data is the same kind that is widely publicly available in such mediums as the phone book; we do not feel that it warrants the same level of security as your financial data. Your personal data is protected by the password that is generated for you when you create your account. You are free to change your password or to delete your personal data at any time. Your website resides on a secure server cluster. A short summary of the security precautions in place to secure these servers are as follows: Server cluster protected by a dedicated hardware firewall Server cluster is divided into tiered layers of network security for a 'defense in depth' strategy Server cluster passed vulnerability scans conducted by Ambiron TrustWave's Truskeeper compliance solution Sensitive server software protected by file integrity monitoring Administrative access to server cluster strictly controlled Server cluster physically located in a data center that has passed the prestigious SAS 70 audit Server security logs are monitored daily by a human being to look for any signs of attack. For technical details on the methods used to secure you data, you can reference the Payment Card Industry Data Security Standard here: www.pcisecuritystandards.org Find more answers in Security

Shop:

What security measures are you using to protect my data?