Privacy Policy

We at the Beanstock Coffee Roasters take your safety and privacy very seriously. We have recently implemented a new web site with a state of the art security system to address the ever growing hacker presence on the web. We follow all security best practices and recommendations. Specifically, our site adheres to Payment Card Industry (PCI) Data Security Standard (DSS).

When you checkout, any information passed from your computer to our Web site will be encrypted with a digital certificate using either the SSL 3.0 or TLS protocol. This encryption uses RSA and SHA algorithms with a 1024 bit public key and 128 bit session key. This is the same technology used by industry leading e-commerce sites. Using current techniques, breaking a 128 bit key would take significantly longer than the age of the universe.

Secure transactions will be signified by the icon of a lock in your browser window. The digital certificate also verifies the identity of our secure site. If you're browsing the site using Microsoft's Internet Explorer Web browser, you can click the lock icon to view the certificate.

Automated retention policies ensure that credit cards are stored only as long as necessary to process your order. While stored on our system, the credit cards are encrypted with an RSA based, asymmetric encryption algorithm. The pass phrase which unlocks the private key is not stored in any form and is known only by specific personnel.

If you create an account on our site, the password for your account will not be stored on our system in plain text. Instead, the password will be "hashed". A hash is a one-way encryption algorithm. The password cannot be determined from the hash. As a result, we cannot e-mail your password to you if you've forgotten it. We can only reset a password upon request and e-mail the new password to the e-mail address we have on file.

Finally, to ensure that your experience on the Web site is a safe one, the site undergoes regular, periodic vulnerability scans administered by a PCI DSS certified third party vendor. These scans ensure that the Web site and the shopping cart system are not vulnerable to any known attacks.