We only collect personal information we really need, we don’t share it with anyone unless you let us and we do everything we can to keep it safe.
Your privacy really is very important to Poderi Crisci. So we have established and implemented privacy and information handling practices that reflect the highest standards and best practices of organisations doing business on the Internet.
We will not collect personally identifiable information like your name, e-mail and mailing address and telephone number (“Personal Information”) without your knowledge and permission;
We will not disclose your Personal Information to third parties unless you have authorized us to do so;
And we will take all reasonable steps to protect the security of the Personal Information we collect from you.
Your Personal Information
Poderi Crisci does not collect personally identifiable information on our website, such as your name, address, e-mail address or telephone number, without your knowledge.
Such information is collected only when you knowingly and voluntarily submit it to us (as, for example, when you contact us via e-mail). Poderi Crisci uses this voluntarily submitted information for the purposes for which it was submitted.
When you place an order or subscribe to our wine club, En Primeur- Poderi Crisci will ask you to provide certain information about yourself, such as your name, mailing address, or e-mail address.
The personal information you submit when placing your order/ subscription is treated as confidential. We use this information to process your transaction, and we share the information with Visa, Mastercard, Paypal etc. in order to process your order.
Our site may provide links to other sites. When you click on one of these links, you are leaving our site and entering another site that we do not control and for which we cannot be responsible.
You should carefully review the privacy statements or policies on any other site that you visit because those privacy statements or policies will apply to your visit to that site and may be very different from our policy.
Direct Payment Solutions Limited or its licensors (this will be referred to as DPS) are committed to protecting your privacy as an Internet user whenever you buy goods or services from a Merchant (us) which uses Payment Express. The Merchant, will generally be using Payment Express when the cardholder is using a credit or debit card over the Internet, Phone, Fax, Unattended or Integrated EFTPOS system. DPS recognizes its responsibility to keep confidential at all times any information which DPS acquires in connection with such a transaction, whether directly from the Cardholders or Merchant. DPS protects personal information (at a minimum) to the Payment Card Industry Data Security Standards. Please note however; DPS responsibility is limited to protection by DPS of information which DPS obtains. DPS itself cannot, of course, control the use or disclosure by your supplier of any information which they obtain from you.
Collection of Information
To enable DPS to provide secure payment facilities it will typically acquire information which may include the Cardholder’s name, credit card number (with the expiry date) and billing address.
Use and Disclosure of Information
DPS uses the information to obtain authorization of the transaction from the Issuing bank of the credit card and DPS’s own or the Merchant’s bank and to process the payment. Some details from the transaction (such as name, email and delivery address) may be made available to the Merchant or Acquirer through Payline – DPS web based transactions management system, which allows Merchants to track transactions and process refunds.
DPS is committed to data security. DPS uses a variety of technologies and procedures to help protect personal information from unauthorized access, use or disclosure. For example, DPS stores the data in computer servers with limited access that are located in controlled facilities secured by the latest in surveillance and security technology. When DPS transmits sensitive information (such as a credit card numbers), DPS protects it through the use of encryption, such as the Secure Socket Layer (SSL) protocol. Credit card details stored onsite are encrypted using 168bit 3DES encryption. DPS is a level 1 certified PCI-DSS compliant provider:
PCI DSS, the Payment Card Industry Data Security Standard is a set of security requirements relating to the protection of card holder data. The standard is governed by the PCI Security Standards Council, an organisation put together by most of the major card schemes VISA, MasterCard, American Express, JCB and Discover. It’s relevant for any entity that stores or transmits sensitive card holder data, that being generally things like the PAN (card number), Card security code, track data, PIN block. The current version of the standard is Version 1.2. Preceding PCI-DSS the card schemes had their own standards, the VISA Account Information Security (AIS) standard formed the basis to most of the PCI-DSS requirements.”
This policy was last modified on 14/03/17