Privacy

COOKIE INFORMATION FOR USERS

Like most other companies, Pure Protein Limited uses “cookies” to improve the experience for our website visitors. Cookies are tiny files, composed of a string of letters and numbers, placed on your computer by web page servers. They enable the website owner to distinguish you from other users of the website. Cookies cannot be executed as code or used to deliver viruses and they cannot enable us to access your hard drive. We cannot read any information on your hard drive even if we store cookies there.

The data generated through cookies on Pure Protein Limited websites can be used for various purposes including the following:

Strictly Necessary:

These cookies are essential in order to enable you to move around the website and use its features, such as accessing secure areas of the website and saving items to a shopping basket.

Performance:

These cookies collect information about how visitors use a website, for instance which pages visitors go to most often and if they receive error messages. These cookies are used to improve how a website works in future versions.

Functionality:

These cookies allow the website to remember choices you make such as user name, language or region you are in and provide a more enhanced personal experience.

Targeting or Advertising:

These cookies are used to deliver content more relevant to you and your interests.

We don't permit any third parties to advertise on our website but we cannot control advertisers that are allowed by internet service providers to advertise whilst you are browsing on the internet.

Pure’s website uses Google Analytics to help analyse how users use the site. This analytical tool uses cookies, which are text files placed on your computer, to collect standard internet log information and visitor behaviour information in an anonymous form. The information generated by the cookie about your use of the website (including your IP address) is transmitted to Google. This information is then used to evaluate visitors use of the website and to compile statistical reports on website activity for PURE. PURE will not (and will not allow any third party) to use the statistical analytics tool to track or to collect any personally identifiable information of visitors to our site. We will not associate any data gathered from this site with any personally identifying information from any source as part of our use of the Google statistical analytics tool. Google will not associate your IP address with any other data held by Google. Neither PURE nor Google will link, or seek to link, an IP address with the identity of a computer user.

Pure Protein Limited is required by law to obtain your consent for all types of cookies that we place other than those that are “Strictly Necessary”. Therefore, Pure Protein Limited has made it easier for you to manage the different types of cookies that are used on our websites intended for use in the EU by allowing you to choose whether cookies are placed when browsing our website when you begin your visit. However, please be aware that if you use block cookies (including Strictly Necessary cookies) you may not be able to access certain functionality or parts of this site.

 

YOUR QUESTIONS ABOUT SECURITY

I'm worried about sending my credit card details over the Internet. Should I be?

Pure Protein have taken many precautions to keep your credit card details safe. All credit card information that is transmitted from your computer to the Pure Protein server is encrypted using the Secure Socket Layer (SSL) protocol.

We use a secure server with state-of-the-art encryption and Secure Socket Layer server technology. There has never been a case in which any of our consumers lost money as a result of fraudulent card use resulting from a breach of our security as data was transmitted over the Internet. It is widely joked in the e-commerce industry, that you have more chance of becoming a victim of credit card fraud by handing your card to a waiter in a restaurant than by sending it over the Internet using SSL.

 

Will you sell my email address to other people who will send me junk mail?

No, we won't. In fact, we won't sell your email address to any other organisation. Since customers value their privacy, our business depends on protecting it.

 

Secure Transactions

Secure connections on the Pure Protein store are verified and authenticated using our secure server certificate, issued to us by BT Trustwise/Verisign. You can also check the validity of our certificate by double clicking on the glowing padlock that appears on the bottom left or bottom right corner of your browser.

Alternatively, please examine the security settings of your browser. Our server certificate uses strong 512 bit encryption which means that when it's possible (i.e. your browser is capable), the server will encrypt its communications using this higher level of encryption. If the browser isn't capable of communicating at 512 bits, the server will switch down to 128 bit or 40 bit encryption. The possibility of someone being able to intercept and decrypt the secure communication between browser and server is very slim indeed.

An SSL connection is initiated by the client (normally a Web browser) by requesting a document to be sent through the HTTPS protocol as opposed to the standard HTTP protocol. This is done by by simply prefixing the URL by "https" as opposed to "http".

For example: http://server.domain.com/index.html requests the document index .html be sent through the standard HTTP protocol, whilst https://server.domain.com/index.html requests the same document be sent using the HTTPS protocol which incorporates SSL.

Here in detail are the steps taken during an SSL (Secure Socket Layer) transaction:

  • The client sends a request for a document to be transmitted using the HTTPS protocol by prefixing the URL with "https".
  • The server sends its certificate to the client.
  • The client checks if the certificate was issued by a Certificate Authority (CA) it trusts. If not, it gives the user the option to continue or to terminate the transaction.
  • The client compares the information in the certificate with the information it just received concerning the site: its domain name and its public key. If the information matches, the client accepts the site as authenticated.
  • The client tells the server what ciphers, or encryption algorithms, it can communicate with.
  • The server chooses the strongest common cipher and informs the client.
  • The client generates a private (or session) key using the agreed cipher.
  • The client then encrypts the session key using the server's public key and sends it to the server.
  • The server receives the encrypted session key and decrypts it with its private key.
  • The client and the server then use the session key for the rest of the transaction.