Here at GroovyCart we take security very seriously. We have put measures in place to ensure that your personal information is not stolen or passed on.
We all use GroovyCart so we understand how you want your personal information to be treated and we treat your personal information as if it were our own.
- All passwords are one-way encrypted (as soon as you enter your password it is encrypted and can never be reversed), using industry standard algorithms. No one, not even the staff can find out what your password is (so we will never ask for it)
- Key items of your personal information are encrypted at database level, again using industry standard algorithms.
- Access to the database is restricted to the GroovyCart application and to technical staff only.
- As your personal data is encrypted, even the technical staff cannot read it.
- The backups are specific to our server set-up and the data remains encrypted.
- All data, including backups, are held in the UK and only accessed by UK staff and are therefore covered by the Data Protection Act. (for more information on The Data Protection Act and your rights see http://www.opsi.gov.uk/Acts/Acts1998/ukpga_19980029_en_1)
- We have a Customer Relationship Management (CRM) system for managing customer contacts, such as customers reporting faults.
- Our CRM can only be accessed from our internal network (not the world-wide-web).
- Access to our CRM system is restricted and controlled by user login and roles.
- GroovyCart and our CRM system are synchronised, however only a limited amount of information is passed across.
- Shop-owners have access only to necessary information about their customers in order to complete a transaction.
- When making payment transactions to PayPal and Google Checkout we only pass on the bare-minimum amount of information.
- No other information is passed on to any third-party companies.
- We do not hold any credit card information.
- Cookies. In order to use GroovyCart it is necessary to put a small file, called a cookie, onto your computer. This is used maintain the session between your computer and the GroovyCart server. If deleted or removed then it will be re-created next time you use GroovyCart. This cookie does not contain any personal information.
- Your IP address is treated as personal information and is retained for security reasons. We do not give your IP address to third-parties or link it to any other information that could be used to build a profile about you.
- Data retention. GroovyCart has not been running long enough for data retention to become an issue. Because of this data is kept indefinitely.
- From time-to-time, GroovyCart may contact registered users via e-mail with information we think may be of interest. This is not intended to be spam or junk email and you will have the option to opt-out of this service.
- We regularly apply security updates to our Apple Mac Xserve server platform.
- We use Google for our advertising, Google may chose to display adverts tailored to you using data it has collected on you. (but this is up to Google and we have no control over this)
- We use Google, Bing and Yahoo Analytics to record the user journey through our website.