Security Policy

We take online security very seriously and take appropriate steps to protect your personal information from accidental loss and unauthorized access, use, alteration and disclosure. Payment card information is passed directly to our payment processor over HTTPS using TLS and never touches our servers. We reference your payment information using a secure token which can only be used with our merchant account and we never have access to the full credit card or debit card number. Our payment processor has been audited by a PCI-certified auditor and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available in the payment card processing industry. To accomplish this, they make use of security tools and measures consistent with industry best practices to maintain a high level of security.

The safety and security of your information also depends on you. When we have given you (or when you have chosen) a password for access to certain parts of our Site, you are responsible for keeping that password confidential. We ask you not to share your password with anyone. We urge you to be careful about giving out information in public areas of the Site. The information you share in public areas may be viewed by any user of the Site.

Although we have implemented security measures that we think are adequate, we cannot guarantee the security of your personal information transmitted to our Site. Any transmission of personal information is at your own risk. We are not responsible for the circumvention of any privacy settings or security measures contained on the Site.

HTTPS Only

Our website requires an HTTPS connection over TLS to protect you using encryption technology, designed to help ensure your personal information is safe when in transit.

HTTPS verifies the identity of a website or web service for a connecting client, and encrypts all information sent between the website or service and the user. Protected information includes cookies, user agent details, URL paths, form submissions, and query string parameters. HTTPS is designed to prevent this information from being read or changed while in transit.

HTTPS is a combination of HTTP and Transport Layer Security (TLS). TLS is a network protocol that establishes an encrypted connection to an authenticated peer over an untrusted network.

Browsers and other HTTPS clients are configured to trust a set of certificate authorities that can issue cryptographically signed certificates on behalf of web service owners. These certificates communicate to the client that the web service host demonstrated ownership of the domain to the certificate authority.