We are committed to protecting your privacy. The personal information you give to us is only used by Clogau Gold of Wales Ltd, and is never shared with third parties.
When you place an order, we need to know your name, billing address, e-mail address, delivery address and credit/debit card details. This allows us to process and fulfil your order and enables us to contact you regarding the order. To fulfil your order, your delivery address will be given to our courier, Royal Mail.
Clogau Gold of Wales uses your email address to contact you about your order, your online account or to respond to an enquiry. From time to time, we may update you on new items, special offers and competitions but only with your permission.
We would only disclose your information if required by law, court order or in circumstances where it is judged to be in good faith belief that disclosure is otherwise advisable.
By using this site, you consent to allow all the above uses of your data. We reserve the right to make changes to this policy from time to time as necessary. Your continued use of this site following the posting of any such changes to these terms will mean you accept the changes.
This website uses a ‘session cookie’. Your computer is allocated a random ID number by our web server for the duration of your visit. Session cookies allow you to store your chosen items in your shopping basket, without losing them, and to make the checkout process faster by having your delivery details ready to use.
The session cookie is only active while you are connected to clogau.co.uk and is instantly removed from your computer when you close your browser window.
Our Secure Payment Technology
Your safety is our priority. To ensure that your details are fully protected when you order from us we utilise several secure payment technologies, such as:
- 256 bit SSL encryption to ensure that your card and personal details are completely secure.
- Extended Validation SSL Certificates to verify who we are and that we are legitimate.
- Address Verification System (AVS) to verify the address of a person claiming to own a credit card.
- Anti-fraud policy of sending your first order to the billing address only to prevent someone else using your card details.
- Payment Card Industry Data Security Standard compliance (PCI DSS) to show that we comply with and maintain 12 highly robust online safety measures.
Hyper Text Transfer Protocol Secure (HTTPS)
HTTPS is a secure version of the Hyper Text Transfer Protocol (http) and ensures secure e-commerce transactions, such as online orders.
When you connect to a website via HTTPS, the website encrypts the session with a digital certificate which scrambles any information that is exchanged between your computer and the website. This keeps your information safe from hackers.
You will see an ‘s’ after the http and a ‘closed padlock’ symbol in Firefox and Internet Explorer next to the address bar. The address bar itself will also turn green.
256 bit SSL encryption
When you use our website, our secure server encrypts any personal information you send us, including your credit or debit card number and name and address.
Encryption turns the information you enter into bits of code which are then securely transmitted to us over the Internet.
For that extra level of security, we use 256 bit encryption, rather than the usual 128 bit encryption that other websites use.
What's the difference? For the most part, 128 bit encryption is more than sufficient and complex enough to make it extremely unlikely that a potential hacker could access any information. However, as technology advances, it is expected that at some point the industry standard will have to shift to 256 bit encryption - but only in about 8-10 years time.
So, while it is not essential to use 256 bit encryption yet, we feel it is best to stay one step ahead and give you that extra level of security.
Extended Validation SSL Certificates
We use Extended Validation SSL Certificates so that browser can clearly identify our organisational identity.
You can verify this information for yourself by clicking on the padlock symbol in Internet Explorer or the green tab near the address bar if you are using Firefox or Chrome.
The vetting process for an Extended Validation SSL Certificate is more extensive than for any other type of security certificate.
It verifies our identity, the validity of any data requests and the overall legitimacy of our business.
The certificate is issued by Thawte, a global authority providing extended validation SSL certificates and online security trusted by millions around the world.
Thawte SSL Web Server Certificate
A Thawte SSL Web Server certificate offers comprehensive authentication procedures whereby the certificate owner's corporate identity is verified by Thawte.
The certificate not only assures private submission of information between the web server and the client's web browsers, but provides assurance of the certificate owner's corporate identity.
Address verification system (AVS)
AVS is a MasterCard service that combats fraudulent activity for non-face-to-face transactions by cross-referencing the cardholder’s address information with the card issuer’s records.
The verification system will check the billing address of the credit card provided by the user with the address on file at the credit card company.
This process reduces the risk of fraud and increases payment gateway security.
PCI DSS compliance
PCI DSS is a binding collection of rules that promote robust IT security processes. Clogau Gold uses PCI DSS to reduce the risk of financial fraud through heightened network security capabilities of whoever processes payment card information. PCI DSS compliances include:
Build and Maintain a Secure Network
1. Install and maintain a firewall configuration to protect cardholder data
2. Do not use vendor-supplied defaults for system passwords and other security parameters
Protect Cardholder Data
3. Protect stored cardholder data
4. Encrypt transmission of cardholder data across open, public networks
Maintain a Vulnerability Management Program
5. Use and regularly update anti-virus software on all systems commonly affected by malware
6. Develop and maintain secure systems and applications
Implement Strong Access Control Measures
7. Restrict access to cardholder data by business need-to-know
8. Assign a unique ID to each person with computer access
9. Restrict physical access to cardholder data
Regularly Monitor and Test Networks
10. Track and monitor all access to network resources and cardholder data
11. Regularly test security systems and processes
Maintain an Information Security Policy
12. Maintain a policy that addresses information security
Please don’t try to send orders via email
It is impossible for us to guarantee any secure transmission of details through email. If you do not wish to order through our website, you can always phone us on 0845 606 88 77.
If you’re still worried about security over the internet
Please contact us by phone on 0845 606 88 77 and we can put you through to our IT department.