Our Payment Service Provider is Sage Pay – the largest independent payment service provider (PSP) in the UK and Ireland. Sage Pay provides a secure payment gateway (Level 1 PCI DSS), processing payments for thousands of online businesses, including ours. It is Sage Pay’s utmost priority to ensure that transaction data is handled in a safe and secure way.

Sage Pay is already a system in place on our website, so we know it’s reliable and safe for our customers.

About Sage Pay

Sage Pay is PCI DSS (Payment Card Industry Data Security Standard) compliant to the highest level and maintains regular security audits. They are also regularly audited by the banks and banking authorities to ensure that their systems are impenetrable.

They're a division of Sage which is an FTSE 100 business software company and is Europe’s leading payment service provider, sometimes known as a PSP. They process millions of secure payments every year for 40,000+ customers, which includes ourselves.

The company aim is to make sure that transactions are secure, simple and quick too, they don’t want people getting confused or having to wait around, which we can all understand.

Partner David Coton with the SagePay team

David Coton (right), Partner at GardenSite had the opportunity to meet the Sage Pay team ​to have an in-depth talk about what they do and why those things are important to us and our customers.

Fraud Prevention & Payment Security with Lloyds Cardnet PCI DSS.

We use a range of secure methods such as fraud screening and IP address blocking, all sensitive data is secured using the same internationally recognised 256-bit encryption standards.

Payment Card Industry Data Security Standards (PCI DSS) are a set of mandatory security requirements designed to ensure that merchants process, transmit and store cardholder data securely. We work with Lloyds Cardnet who have developed a system to ensure we as a business stay compliant with these Payment Card Industry Data Security Standard at all times and more importantly to the highest level. Being PCI DSS compliant is very important, if you sell goods and accept payment by credit card then you must be. Lloyds Cardnet conducts regular security audits, they are also regularly audited by the banks and banking authorities to ensure that their systems are impenetrable.

GardenSite has recently been featured as a Lloyds Cardnet Case Study, which explains more about the importance of payment security to both companies.

SSL Protection

Our entire website has been protected through the use of SSL (Secure Socket Layer) for many years, since 2017.

What does this mean to our customers? Simply safer shopping. As the world wide web is growing so is the risk of cyber attacks and vulnerabilities, as a result of the new protocol we have implemented these threats are minimised.

Most customers will not notice this security measure, but if you take a look at the website URL at the top of your browser, you'll see that the page URL begins with 'https' instead of 'http'. This means that all data passed between connections (our web server and your web browser) will remain private and integral at all times. The connection benefits from the maximum level of encryption, and GardenSite also has an extended validation (EV) certificate provided by Symantec, a leading global security firm.

To achieve this we have undergone rigorous validation of not just our website but the company as a whole. This is indicated by the ‘green bar of trust’ that visually indicates to shoppers that they are completely secure.

How can I tell if a website is secure?

Web sites that are secured with SSL encryption will show a green padlock icon next to the URL in the top left of your browser. You will notice that while browsing GardenSite and even this blog, that the start of the URL has turned green, which means that pages you browse and any information passed between your computer/device and our servers are secure and encrypted.

Data Protection

We never make your personal details available to any company for marketing purposes, although our representatives may hold your data so that your details and/or order can be processed.

Data Protection Act 1998 Registration Number: ZA200854

Data Protection Register - Entry Details