To
protect you and your credit card information, The Spa Depot utilizes
Extended Validation Secure Sockets Layer (EV SSL), which is industry leading
and uses some of the highest technology
available today for secure commerce transactions. SSL sends your credit card
number to our secure servers in an encrypted code, which no one else can decode.
SSL uses many high-technology security measures to assure customer safety
and privacy in online shopping:
TLS 1.0, RC4 with 128 bit Encryption (High)
RSA electronic commerce protocol, with 1024-bit exchange.
We use a Private Security Certificate, which allows the use of only
a single domain: www.spadepot.com
For your protection, our site will not allow a user to enter credit card information if the
valid Security Certificate is not in place.
Our website is Payment Card Industry Data Security Compliant (PCI DSS)
Secure Pages and Extended Validation
On pages in our store where you are entering passwords, credit card
numbers and other information that needs to be protected (https: pages), all browser types
will show you a padlock symbol to verify that you are on a secure site.
In IE7 there will be a padlock just to the right of the address bar
In IE6 there will be a padlock on the lower right
In Firefox the padlock is to the right of the address bar
In Netscape Navigator the padlock is on the lower left
In addition, The Spa Depot's Extended Validation SSL shows users with the latest
browsers and operating systems a green address bar when on a secure (https:)
page, indicating that the
transaction is securely encrypted and that The Spa Depot has been
authenticated according to the most rigorous industry standard. Only the
Internet's top ecommerce sites have incorporated Extended Validation SSL.
Wait! My address bar isn't green. Why not?
Different browsers use different methods,
and at this point they are not uniform.
Make sure you are on a secure (https:) page, such
as the account sign-in page.
You may be using an older browser that does not
support Extended Validation.
If you are using Firefox, the Browser address bar
is
partially gold colored. Firefox and Opera (Mac OS Browser) have announced
intentions to support Extended Validation SSL in upcoming releases.
If you are using Internet Explorer 7, Extended Validation is an option. You may have inadvertently disabled it when you installed IE7.
To enable this, you either need to turn on your automatic phishing
filter, by going to: Internet Options>>Advanced>>Phishing
Filter>>Turn on automatic website checking, or by selecting the checkbox called: Check for server certificate
revocation
in: Internet Options>>Advanced>>Security.
Okay, Why does my browser tell me that the security certificate isn't
from a trusted source?
Again, different browsers will show you a different result, but basically, this means that your computer isn't updated with the latest root certificate.
If you are running Windows with Internet Explorer, you may have missed a security update issued by Microsoft Updates. Open your Control Panel, and click on Windows Updates, and make sure that you have the latest security patch from Microsoft.
If you are running a Mac with Safari, Please be sure that you
have the latest version of Safari installed. You may need to
download the new version, and uninstall the old version before
installing the new one.
If you still are having a problem, here is a link to Verisign's
website, where you can download and install the updated root
certificate: Update Root Certificate
Click on "Accept" and it will download to your computer, once it has downloaded, double-click and follow the instructions.
All browsers will allow a user to view the security
certificate and verify identity by clicking the padlock symbol on any
secure (https:) page.
You can also click on the VeriSign®
Secured logo, displayed throughout our website, to verify SSL Encrypted
Data Transmission as well as to confirm The Spa Depot’s identity and ownership of the website as a valid business entity.
Credit Card Protection
We do require a CCID code to be entered along with card numbers during checkout for added customer
protection. The code is not stored on our site or elsewhere.
The Spa Depot only temporarily stores credit card information until the card has been processed. This data is high-level digitally encrypted, using extreme cryptographic software. Once processed, it is digitally destroyed, and we have neither access nor ability to recover it.
For your added protection, The Spa Depot does NOT store credit card
information for future re-use.
100% Guaranteed
You are also protected by the Fair
Credit Billing Act, which prohibits your bank from holding you liable for
more than $50 of fraudulent charges.* (Some banks even cover the first
$50). For your peace of mind, should your bank hold you responsible, The
Spa Depot will cover the liability for you, up to the full $50. We
will cover this liability upon proof if the unauthorized use of your credit
card resulted through no fault of your own from purchases made at spadepot.com
while using our secure server.
*In the event of unauthorized use of your
credit card, please notify your credit card provider immediately, in
accordance with its reporting rules and procedures.
NOTE: Infrequently, due to a customer browser setting, a
Security Information popup window may appear warning that there are
non-secure items on a page:
This DOES NOT indicate that our website is non-secure, only that an
object such as an image or a flash movie may have an absolute link from
a non-secure server, or non-secure area of our server.
Most of our images and flash movies are relative links, which will not
trigger a pop-up warning. However, for peace of mind a customer may feel
more comfortable by clicking "No" if a pop-up should ask "Do you want to
display the non-secure items?"
