Security policy

We have taken reasonable precautions to ensure that your transactions and personal data are safe. For all communication between your web browser and our server we use industry standard SSL encryption (SHA256 with RSA Encryption). Our certificate is domain validated and is issued by Let's Encrypt.

The servers your personal data is stored on are located in a secure facility, Luxconnect's Tier IV Datacenter in Roost/Luxembourg. Our trusted service providers are root S.A. and Servers.com . The server hardware as well as the surrounding infrastructure (cooling, power supply and network) has been set up in a redundant way, the software is kept up-to-date. The web servers are protected by firewalls and the number of people having authorized access to the system on a physical and on a virtual level is strictly limited.

Your credit card data, or data used to access your chosen payment mean, is not collected, processed or stored on any of our servers, or does even travel through our network. We use different trusted payment providers, like Paypal, SumUp and Payconiq to handle your payments. During the payment process you will be directed to their respective websites, where you can perform the payment, on completion you will be redirected again to our website.

We do not share your data with any third parties unless they are essential in the execution of the contract (i.e. delivering the product to you) or if we are required to do so by law (i.e. audit by the tax administration). We do not share your data for marketing purposes.

To reduce phishing attempts, we use a combination of different methods, mostly DNS based, to protect our email communication with our customers. These techniques may include, but are not limited to, SPF, DKIM and DMARC. These techniques allow our customers to verify the origin of the emails.

While we take every reasonable measure to protect your data on our servers from unauthorized access, we also need our customers' help. We recommend all our customers to follow good practices when using the internet, which includes, but is not limited to, keeping your software up to date, using an antivirus software and a firewall. Do not use the same password on multiple websites, use encrypted connections and be vigilant when you receive suspicious attachments or links by email.

If you have any reason to believe that an unauthorized use of your personal data has taken place, please notify us immediately.

Cookie name	Provider	Purpose	Expiry
PHPSESSID	roses.lu	This cookie is native to PHP and enables websites to store serialised state data. It is used to establish a user session and to pass state data via a temporary cookie, which is commonly referred to as a session cookie.	Session
PrestaShop-#	roses.lu	This cookie helps keep user sessions open while they are visiting a website, and help them make orders and many more operations such as: cookie add date, selected language, used currency, last product category visited, last seen products, client identification, name, first name, encrypted password, email linked to the account, shopping cart identification.	480 hours
sf_redirect	roses.lu	Cookie used to redirect the user’s session.	Session

Cookie name	Provider	Purpose	Expiry
_ga	Google	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	2 years
_gat	Google	Used by Google Analytics to throttle request rate	1 day
_gid	Google	Registers a unique ID that is used to generate statistical data on how the visitor uses the website.	1 day

Search here...

Security Policy

Security policy

Free Deluxe Samples

Save on Sets

Free Delivery

roses.lu

About

Account

Support

New Account Register

Security policy

Existing Account Login Login to your account

Reset Password

New Account Register