Security and Privacy

Security Policy

We have a commitment to information security and undertake various measures for the purpose of protecting against unauthorised or unlawful processing of personal data and against loss or destruction of or damage to personal data.

We undertake the following measures to ensure a high level of information security for our customers whilst using the service.

Credit Card and Personal Information

To ensure absolute security and privacy, we entrust all credit card transactions to Stripe Inc (, one of the world's leading credit card payment solutions providers. When paying by credit/debit card, payment information is sent directly to Stripe Inc, so no card information is sent, processed or stored by us. We also allow PayPal as an alternative payment method, when paying via PayPal, the consumer is redirected to the PayPal website to take card details or use a PayPal account. Once processed, the consumer is redirected back to this website.

Secure Socket Layer (SSL) Protection

The purchase area of our website is secure. We use industry-standard Secure Sockets Layer (SSL) technology to encrypt sensitive information such as your name, address and credit card details. Information passed between your computer and our website cannot be read in the event that someone else intercepts it.

Additionally, our fulfilment system is not connected to the Internet and is not accessible in any way, which keeps your information secure once it reaches us.

General Statements

There is a compliance or responsible officer who deals with security of information and personal data.

All employees are briefed on the importance of personal data and security and confidentiality of information obtained.

We control physical security in relation to the information and personal data that is contained at our facilities and restrict access to the computer rooms, technology areas, equipment and other facilities where unauthorised access by people could compromise our security.

All proprietary or confidential information, including personal data, is contained on computer and any that is contained and stored on manual files are locked up and secure.

We seek to control access to the information and personal data, including existing procedures for authorising and authenticating users as well as software controls for restricting access and techniques for protecting data such as encryption. We monitor and log accessso as to assist in detection and investigation of security breaches and any attempted breaches where they occur.

We endeavour to maintain a business continuity plan as a contingency plan, which identifies our business functions and assets (including personal data) which would need to be maintained in the event of disaster and set out the procedures for protecting and restoring them if necessary.

We train our staff on security systems and have relevant procedures in place. Accordinglyour staff are aware of information security issues and they can go to the relevant officer with any issues relating to the Data Protection Act/Privacy or personal data.

The foregoing policies are effective for the Website. We reserve the right to change this policy from time to time the policies and terms described above are not intended to and do not create any contractual or other legal rights in or on behalf of any party.