Bad Wolf and Business

Here's some information on how we work.  Hopefully you'll find it interesting, informative, and above all reassuring!


Business
"Bad Wolf" is a small personal project run with the experience of over six years of Internet mail-order business operation behind it (that's also the company who handles your online payments for Bad Wolf).  That's why the stuff on this page is as detailed as it is.  The really good thing about it being a project as opposed to a huge commercial operation is that there's real people behind it, none of whom actually collect a salary from it.  That means there's no pressure and anyone's input is purely by choice.  People are so much more enthusiastic when they do things by choice, don't you think?  It's great! 


Security
We proudly guarantee that your online ordering here is a safe and secure transaction. Be sure to read the Factoids too, you might find them interesting...

Our site uses the strongest commercially available level of public web server encryption, 128-bit Secure Socket Layers (SSL). The familiar padlock sign is, however, only visible when you 'checkout' and personal info is called for. Once you start entering personal information, whether name and address or credit card details, you will notice the security padlock inside the bottom of the browser window. If you are concerned that you are seeing browser security messages too frequently, check the security levels you have set in your browser, they may be set a bit high for general web browsing and scripting. You can then comfortably continue your online ordering.

This stuff ensures that your transactions are secured between your computer and our web server. Your information is not stored permanently on the web server, providing further safety. Further encryption methods and physical security protect customer-specific information once stored on our office computers. We never even see your credit card info any more!  As of April 2003, card payments are passed through PROTX and Lloyds TSB Cardnet directly, and we're never even exposed to your actual card details at any stage. Perfect!  No People!

Factoid: Unlike most other websites, allow us to be fully open with you; Our server uses up to 128-bit encryption. The actual strength of encryption depends on your browser. Your browser may, for example, only be capable of 32-bit encryption. This is still extremely secure of course in real-world terms, requiring an unrealistic effort of time and processing power to first capture, and then decrypt. It just annoys us to read websites stating that your transaction is 128-bit secure when they simply can't possibly know that, and make that claim.

Factoid: We are aware that some less professionally implemented websites out there process your transaction between you and their web server safely and securely via SSL encryption, then totally NULLIFY this by e-mailing the entire transaction from the web server to their office premises over the open Internet with no encryption of any kind - including card details. This is a shameful practice, falsely projecting the illusion to the customer that his naked credit card and personal details are never exposed to the world. Oh dear. Needless to say WE DON'T. We collect your already-encrypted information directly from our web server via an encrypted connection of our own, and your card details are handled entirely by Protx between your computer and theirs.



Cardholder Security
Our level of credit/debit card authentication could in fairness be described as paranoid. Every last purchase via our website undergoes total authentication of the card details and cardholder identity via PROTX/Lloyds TSB Cardnet who in turn verify these details direct with the card issuer. We're rather proud of our procedures. Some tricky goofballs actually have real credit cards in their hands which have just been freshly stolen, yet still they fail to get past us. Those cards also get barred as soon as we report them of course, so we're actually preventing fraud against people who aren't even our customers!

As well as thorough authentication and verification through the card issuer, we also receive a risk assessment (through the banking mechanism) of every single transaction by an agency which specialises in the field.  For example, we'll be warned if a given card or billing address has seen a lot of unusual out-of-pattern activity very recently.

We don't hesitate to require additional verification if ANY part of the authentication process returns a negative result, or if we are advised to proceed with care.  If you can't accept that this minor inconvenience is for EVERYONE'S good, then that's too bad. Again, this is how we do business. If you aren't prepared to accomodate our security levels, then Au Revoir.



Your Privacy

Marketing
At Clarity we despise spam and junk postal mail with an indescribable intensity. So any and all personal contact information which you give to us will be jealously guarded for our own records and uses only, and never, ever, released to any third parties for their evil marketing purposes. You'll notice we don't even bother to ask for your preference in this regard, we just default all customer info to Not For Marketing Disclosure, and that's the end of it.

Necessary Disclosures
There are of course some organisations to whom we have to give your details during the course of carrying out our business, such as your chosen payment service provider, carriers and so forth. None of these entities use such information outwith the job in question.

Historical Records
We naturally keep records of all our transactions and enquiries. We therefore have a history of your dealings with us. All communication by e-mail is archived at our discretion.





Please e-mail any questions or comments to this address too.  Happy to answer anything at all.

"Doctor Who" is the intellectual property of the British Broadcasting Corporation (BBC) in the UK

Website hosting kindly provided by Clarity

Bad Wolf - Room 101 - 120 King Street - Kilmarnock - KA1 1DJ - UK