Escentual.com is hosted on a dedicated server in a secure datacentre in the United Kindom, protected from both physical and technological threats by the highest standards of security.
All of our web and database servers are firewalled off from the internet according to carefully designed security policies, allowing only the access that customers need in order to make use of our services.
All sensitive data - personal and financial details, for example - is encrypted to at least industry standard (256 bit AES where possible).
Escentual is fully PCI-certified. Web-based orders are handled by our universally respected payment gateway, Braintree - your bank details need never go through our own systems. We only get an encrypted token that allows us to see the last 4 digits and charge and refund you for your order. Telephone orders are handled on an extra-secure sector of the network, purposefully secured even from our own systems. We also, as part of the PCI certification, subject our entire system to regular scans to ensure that they are secure and safe for you to put your trust in, even for the short period of time for which we need them.
To finally ensure the security of our customers' details, we make a deliberate choice never to store credit or debit card details on our servers, although an encrypted token for your card is stored upon checkout allowing you to check out easily even when you don't have your card to hand. If you do not want us to store these details you can delete any stored cards in the "my account" section of our site .