Your shopping cart is empty!
Personal identification information
We may collect personal identification information from Users in a variety of ways, including, but not limited to, when Users register on the site, place an order, subscribe to the newsletter. Users may be asked for, as appropriate, name, email address, mailing address, phone number, credit card information,
Users may, however, visit our Site anonymously.
We will collect personal identification information from Users only if they voluntarily submit such information to us. Users can always refuse to supply personally identification information, except that it may prevent them from engaging in certain Site related activities.
Non-personal identification information
Google Analytics may collect non-personal identification information about Users whenever they interact with our Site. Non-personal identification information may include the browser name, the type of computer and technical information about Users means of connection to our Site, such as the operating system and the Internet
Web browser cookies
How we use collected information
Boho Bags collects and uses Users personal information for the following purposes:
Payments, Credit Cards and Account
We use Stripe as our Payment Gateway. Your account information and transaction details are stored securely on our own server at Blue Host, but the credit card information is stored by Stripe on their best of breed secure data centres. Some details of Stripe's security from their terms of service:
_____Stripe's Security Details____
Stripe has been audited by a PCI-certified auditor, and is certified to PCI Service Provider Level 1. This is the most stringent level of certification available.
SSL and HSTS
Stripe forces HTTPS for all services, including our public website. We regularly audit the details of our implementation: the certificates we serve, the certificate authorities we use, and the ciphers we support. We use HSTS to ensure browsers interact with Stripe only over HTTPS. Stripe is also on the HSTS preloaded lists for both Chrome and Firefox.
All card numbers are encrypted on disk with AES-256. Decryption keys are stored on separate machines. None of Stripe's internal servers and daemons are able to obtain plaintext card numbers; instead, they can just request that cards be sent to a service provider on a static whitelist. Stripe's infrastructure for storing, decrypting, and transmitting card numbers runs in separate hosting infrastructure, and doesn't share any credentials with Stripe's primary services (API, website, etc.).
email@example.com or on +61 411277026