To clarify, our ecommerce system encrypts the entire order before saving it to the web server - even if the server is hacked, the data can't be decrypted because the private key isn't stored there.

Orders are then transfered to our internal network at empeg, which is firewalled, before being decrypted and imported into the sales system.

Personal details are never exposed to the internet in an unencrypted format.

Rob