Hi, Am I right in thinking that unless a site has an https address it's not using encryption? I've always gone by the principle that if a site doesn't have https at the start of the address I don't fill in card details. But now there's a site I want to register with which has a form for filling in my card details as part of the registration process, but the address of that page is not https, just http. Is my policy sensible? Can data I send be encrypted if the address isn't https? I'm not signed in on this site or anywhere else at the time, this is literally a form I'm filling in to register and the address is not https. Catherine ** To leave the list, click on the immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=unsubscribe] ** If this link doesn't work then send a message to: ** access-uk-request@xxxxxxxxxxxxx ** and in the Subject line type ** unsubscribe ** For other list commands such as vacation mode, click on the ** immediately-following link:- ** [mailto:access-uk-request@xxxxxxxxxxxxx?subject=faq] ** or send a message, to ** access-uk-request@xxxxxxxxxxxxx with the Subject:- faq