This is the web site of Ayurvedic Nature Care

Our postal address is:

122 Bury New Road

Whitefield

Manchester

United Kingdom

M45 6AD

We can be reached via e-mail at sales@a-n-c.co.uk or you can reach us by telephone at 0161 766 2700

For each visitor to our Web page, our Web server automatically recognizes the consumer's domain name (where possible).

PRIVACY

We collect the e-mail addresses of those who communicate with us via e-mail, name and address, telephone number, payment information (e.g., credit card number and billing address).

The information we collect is used to improve the content of our Web page, disclosed when legally required to do so, at the request of governmental authorities conducting an investigation, to verify or enforce compliance with the policies governing our Website and applicable laws or to protect against misuse or unauthorized use of our Website.

We do not set any cookies.

If you do not want to receive e-mail from us in the future, please let us know by sending us e-mail at the above address, calling us at the above telephone number, writing to us at the above address.

If you supply us with your postal address on-line you will only receive the information for which you provided us your address.

Persons who supply us with their telephone numbers on-line will only receive telephone contact from us with information regarding orders they have placed on-line.

We do not partner with or have special relationships with any ad server companies.

From time to time, we may use customer information for new, unanticipated uses not previously disclosed in our privacy notice. If our information practices change at some time in the future we will post the policy changes to our Web site to notify you of these changes and provide you with the ability to opt out of these new uses.

If you are concerned about how your information is used, you should check back at our Web site periodically.

Upon request we provide site visitors with access to all information [including proprietary information] that we maintain about them.

Consumers can have this information corrected by sending us e-mail at the above address, calling us at the above telephone number, writing to us at the above address.

We have appropriate security measures in place in our physical facilities to protect against the loss, misuse or alteration of information that we have collected from you at our site.

If you feel that this site is not following its stated information policy, you may contact us at the above addresses or phone number.

SECURITY

We use SagePay to process all of our credit card transactions online. Sage Pay is audited by an independent auditor on a regular basis to ensure that they comply with the latest security standards set out by Visa and MasterCard. Your order will be processed online using the payment pages hosted by Sage Pay, please locate and click on the padlock image which can be found on our payment pages to confirm that your details are collected in a secure environment.

The padlock is located in a different area of the payment page screen depending on the internet browser you are using – it can normally be found in the bottom right hand corner of the screen, at the top of the screen next to (or inside) the address bar or at the very top right hand corner of the screen. This padlock shows that your details are collected using 128 bit SSL technology.

Once you have entered your card details, Sage Pay will securely send these details to the bank to be authorised. This is a completely secure process and we ensure that your details cannot be accessed by a third party.

Sage Pay is fully approved as a Level 1 compliant provider under the Payment Card Industry Data Security Standard (PCI DSS). This is the highest level of compliance that can be achieved.

Sage Pay were audited by an independent third party company, Trustwave, who are an official Visa Qualified Security Assessor.

Sage Pay collect card details via a 128-bit SSL secured payment page. They request card number, expiry dates, cardholder name and address and security code value.

This information is then further encrypted to be held against the transaction details on their system before being sent to the UK acquiring banks for authorisation (over secure, offline channels). They don't store the security code (in line with Visa requirements) but they do store the card number (only in an encrypted format that none of our staff have access to).

Sage Pay secure your card details within our database using AES-256, the keys for which are held on tamper-proof hardware security modules which as stated are unavailable to Sage Pay staff.

When your details are supplied to us over SSLv3, the algorithm used is RC4, as it is for almost every major e-commerce site.

SSL generates the encryption keys it uses for RC4 by hashing (using both MD5 and SHA1), so that different sessions have unrelated keys. Also, SSL does not re-key RC4 for each packet, but uses the RC4 algorithm state from the end of one packet to begin encryption with the next packet.

The SSLv3 certificates we obtain from Verisign to secure our site can support AES-256 as the encryption algorithm, but the vast majority of customers use IE6 or below and older versions of Firefox and Netscape. Most also run on Microsoft Windows, which until Vista is released, cannot use AES in SSL encryption. At present, the vast majority of sessions will be encrypted at 128-bit, but with a strong algorithm like correctly implemented RC4, 128-bits is more than enough to ensure the security of your card details.

We can also assure you that your details would not have been gleaned from our system (which has been approved, and is regularly audited by Visa and Mastercard as one of the most secure sites in the UK).

Our systems are independently audited by the UK acquiring banks and we are compliant with the card schemes themselves (both Visa and Mastercard) under their Payment Card Industry Data Security Standard which ensures we meet very strict security guidelines (see this linkhttp://www.visaeurope.com/aboutvisa/security/ais/main.jsp for more information).