Is your website secure?

As an e-commerce company, security is naturally a foundation on which the business was built upon and we take this aspect of the business very seriously. Security for us goes beyond the technical aspects of securing the infrastructure and includes the way your data is handled.

Technically, our infrastructure is protected by

  • Firewalls that automatically detect and block attacks
  • Technology that protects against cross site scripting, SQL injection, comment spam, excessive bot crawling, email harvesters and more
  • Servers that are continually patched, properly hardened, and stripped down to only what they have to do so
  • Redundant hardware modules that ensure continuity

The front-end website is protected by

  • Site-wide SSL encryption that are protected by 2048 bit RSA asymmetric private key cryptography and 256 bits symmetric keys - your shopping session is completely secure
  • Front-end firewall that protects from malicious access
  • Continuous inspection of incoming traffic and active blocking of those with malicious intent
  • Algorithms that filter every single piece of information received by the site to ensure that malicious attacks and scans do not get through
  • Exposed end-points are continually inspected, checked for potential weaknesses and patched

Your data is protected by the following processes

  • We only ask for and use the minimum amount of data necessary to provide our services to you
  • Credit card information and processing are handled exclusively by either Stripe or PayPal (depending on which payment method you select) - these companies are global leaders in payment processing and their business revolves around credit card security. We do not store or handle your credit card information
  • Only authorised personnel have access to your private information (such as your delivery address) and these information are handled with the strictest confidence
  • Employees only have access to the information that they need to assist you or to perform their jobs, nothing more
  • Very few employees have access to the technical infrastructure. Every access is audited; employee access to infrastructure services are secured with different randomly generated long passwords and require a physical hardware 2FA for the ultimate security
  • Data that we no longer require (for example, inactive customer records) are removed so that we do not store more data than is necessary to provide our services

If you have any concern, please let us know and we'll be happy to clarify.

Still need help? Contact Us Contact Us