GILT Groupe Holdings, Inc. and its subsidiaries or affiliates (collectively, “GILT”), respect your concerns about information security. GILT is committed to protecting the security of the information we collect and maintain about our most important asset - our customers.
How We Protect Information about our Customers
- Industry-standard SSL (Secure Sockets Layer) encryption is always used to protect your purchase information while in transit.
- Stored credit card information is always encrypted and maintained in an environment that has been certified as PCI DSS compliant by a qualified security assessor.
- GILT websites are constantly scanned and validated to verify application and network security.
- All internal security standards, policies and practices are frequently reviewed and improved based on the current industry security practices.
Information Security Tips for Protecting Yourself
- Never share your user ID or password. Remember, anybody who holds your account login information can access your account and make a purchase.
- Create a secure password. The more secure your password is, the harder it is to guess. While it‘s not required, we suggest that you choose a password that is at least 7 characters and includes a mix of letters, numbers and special symbols.
- Avoid using easily identifiable or personal information as your password, such as a word from a dictionary, family or pet’s name, or email address.
- Be cautious about using a public computer, as it may contain keylogger software designed to steal your login credentials. If you do decide to use a public computer to shop on the GILT websites, do not forget to sign out from the website when you have finished using the public computer.
- Emails are generally insecure and easy to forge. Be aware that an email, even if it appears to come from a friend or a business partner, could be fraudulent and designed to trick you into providing personal information or installing dangerous software on your device.
- Install antivirus and firewall software on your computer to help protect yourself from phishing scams and viruses.
- GILT will never initiate the request for your account password or any other sensitive account information, such as your credit card.
- If you contact GILT Customer Support, we may verify your identity by asking for non-critical information, such as your account user name, shipping address or past order information.
- If you have received a suspicious email that appears to have come from GILT or have concerns about an email request you have received from GILT, please forward the email to email@example.com.
On the Phone
- When you call GILT Customer Support, we may verify your identity by asking for information such as your current shipping address, order information or the last four digits or expiration date of the credit card we have on file for your account.
When logging in or checking out on the GILT websites, all sensitive data is transmitted over HTTPS. This means a secure SSL connection has been established, and that all data transmitted through this connection will be encrypted. If you are receiving SSL Certificate errors when accessing the GILT websites, that means that the domain name in the SSL certificate does not match the address that is in the address bar of the browser. Alternatively, it may mean that your browser is misconfigured and does not accept the root certificate used by GILT. Please contact firstname.lastname@example.org if you encounter this error.
If you suspect that any account information has been compromised or fraudulent charges have been made on your GILT account, please contact Customer Support immediately for assistance by contacting us through the website or calling (877) 280-0545.
Updates to this Information Security Policy
This Information Security Policy may be updated periodically and without prior notice to you to reflect changes in our information security practices. We will post a prominent notice on our websites to notify you of any significant changes to our Information Security Policy and indicate at the bottom of the policy when it was most recently updated.
5/18/2010: Initial version posted
8/04/2011: Revision posted
1/28/2012: Revision posted