Since the processing of online payments is the primary focus of MultiSafepay, we are ‘responsible’ and not a so-called (sub)processor. For this reason, we have added an addendum, which includes a number of provisions similar to a processing agreement.
MultiSafepay has taken several measures to ensure the protection of your data, e.g. the use of specific software, company policy, procedures, and operational guidelines within our organization. The requirements set by the Payment Card Industry Data Security Standard (PCI DSS) are taken into account. MultiSafepay is PCI DSS certified, which means that all consumer data is stored encrypted.
MultiSafepay’s primary activity is processing online payments. When we use consumer data, it is solely in the interest of fraud detection and prevention.
Yes. In accordance with, among other things, our PCI DSS certification, we regularly perform check on our security including the pen test (a so-called pen test (or penetration test) is a test for evaluating the security of a system).
MultiSafepay has taken several measures to protect (personal) data and to ensure safe communication,e.g. the use of specific software, policies, procedures and operational guidelines within our organization. Consumer data can be used or viewed within the certified MultiSafepay back-end, solely for the purpose of fraud detection.
MultiSafepay has two certified data centers in the Netherlands. Therefore, all collected data remains within the European Union.
Yes. MultiSafepay’s number one priority is to protect the privacy of users. All acquired data is stored as anonymized as possible.
A few certified/cleared employees have very limited access to this data, strictly on a ‘need-to-know’ basis.
No, absolutely not. The acquired data is solely used for the purpose of processing online payments. For all other purposes, explicit consent is requested before using (personal) data.
Data is automatically destroyed according to a standard procedure (in accordance with Dutch law and legislation). The data is automatically destroyed as soon as it is no longer used.
Yes. From 26 May 2018 onward, such requests can emailed to [email protected]