Privacy and Security

Personal Information
Cookies
Security

Personal Information

Your privacy is important to us. We will only use the information that we collect about you lawfully (in accordance with the Data Protection Act 1998).

We collect information about you to enable us to process your order and to communicate with you regarding your order. The information we collect includes your name and address, telephone number, email address and credit/debit card details. Crystal Well-Being does not hold your credit/debit card details, they are passed direct to the WorldPay processing system. We will never reveal your information to any third parties.

Any personal information we collect, such as your name and address, will be encrypted before being sent between your computer and our server using 128 Bit SSL. SSL stands for 'Secure Socket Layer' - this is a way of transmitting information using a private key to encrypt the data that is transferred over the SSL connection. You can tell the data has been sent using SSL because the webaddress in the address bar, at the top of the page, starts with https instead of http and a small yellow padlock is visible in the bottom right corner of the screen.

The personal information we hold will be held securely in accordance with our internal security policy and the law. The server that stores the information is kept in a secure facility with restricted physical access and secure firewalls and other measures used to restrict electronic access.

We endeavour to ensure that the information we hold is accurate and up to date. You can check the information that we hold about you by contacting us . If you find any inaccuracies we will delete or correct them promptly.

We will not reveal your details to a third party for any purpose without your express permission.

Like all websites, our server automatically records 'log files' containing information about the volume and characteristics of our website traffic e.g. IP address, numbers of pages viewed, length of time spent on site. We use log files to build pictures of how our site is used that help us to monitor and improve our site. We cannot identify you from your log files.

We may change this policy from time to time as we add new services or features or in response to changes in the law or our commercial arrangements. Any changes to this policy will be posted on this Site.[Back to top]

Cookies

A Cookie is a piece of data that is saved in your computer by the web server. This site uses cookies to allow us to keep track of information, such as your order number, as you browse through our site. Cookies can be turned off but if you do so you will reduce the functionality of this site and other websites. Cookies are not readable by other sites or other computers, they can only be read by web pages on the site that created them. Our cookies do not hold credit card details. [Back to top]

Security

One of the most worrying aspects of buying online is the security of personal information and credit card details. In reality, an online transaction is probably more secure than a card transaction in a shop or conducted over the telephone or by fax, as the information transmitted online is strongly and securely encrypted.

We use WorldPay to process your transactions. crystalwellbeing.co.uk does not hold details of your credit/debit card. Credit/debit card details are sent directly to WorldPay using an encrypted and digitally signed protocol.

When you fill in the payment form and click the 'Submit' button, your details are not sent straight-away. Instead a secure link is set up between your computer and WorldPay producing an encryption code which then wraps the transaction details before leaving your computer. This encryption is to the maximum strength supported by your browser using 128 Bit SSL. SSL stands for 'Secure Socket Layer' - this is a way of transmitting information using a private key to encrypt the data that is transferred over the SSL connection.

The WorldPay payment system uses a combination of both established and innovative techniques to ensure the security and integrity of all sensitive data. WorldPay's public web servers are certified by Thawte, a public Certificate Authority, ensuring that customers can have confidence that nobody can impersonate WorldPay to obtain confidential information.

It is important for you to protect against unauthorized access to your password and to your computer. Be sure to sign off before leaving our site by clicking the log-off button.
Back to top]