Security
LAW AND SUPERVISION
The owner of the Internet shop taking in the payment via card or transfer should always check if the company with which the contract is signed has appropriate permission for running a business. Both the rules and appropriate permission aim to ensure the safety for Internet shops and for Customers transferring the money. These aims are being realised by putting such demands and audits which improve the company’s activity.
Dotpay Ltd. owns Dotpay with its headquarter in London (UK). Dotpay runs a business according to Financial Service Authority requirements, The Regulation of Electronic Money Issuers concerning companies serving financial transactions in European Union. Dotpay has HM Customs and Excise allowances for running a business with a financial character of mediating (transferring money between a payer and a payee).
SECURITY
Dotpay is the safest on-line payment system in Poland. The appliance of strict procedures and the latest technologies, supported by the professionalism and experience of our staff, has led to the recognition of Dotpay as the best payment transactions service for Internet stores, companies, and between individuals. Below you will find short descriptions of security software being used by Dotpay.
PCI DSS Certificate
|
Dotpay has been awarded a certificate of Payment Card Industry Data Security Standard (PCI DSS), Visa Cardholder Information Security Program (CISP), Visa International's Account Information Security (AIS), MasterCard International's Site Data Protection (SDP), American Express Data Security Standards (DSS) and Discover Card's DISC.
|
Payment Card Industry Data Security Standard (PCI DSS) to światowy standard ustalony przez organizacje finansowe w celu ochrony danych osobowych posiadaczy kart oraz informacji związanych z ochroną danych osobowych. Stworzony standard PCI DSS odpowiada na zapotrzebowanie organizacji zajmujących się rozliczaniem transakcji, a także ma na uwadze potrzebę umocnienia zaufania Klientów do realizowania płatności za pomocą sieci Internet.
According to payment organizations requirements all companies dealing with online payments should comply with strict security standards of PCI DSS. Dotpay confirmed to comply with Visa, Mastercard, American Express and Discover requirements.
McAfee SECURE Certificate
|
SECURE McAfee research confirms and certifies the already tested devices according to the security policy and Department of Homeland Security's National Infrastructure Protection Center (NIPC) requirements.
|
Multinational reputable McAfee laboratories are the leader on the net security market. McAfee certificate awarded to Dotpay S.A. states that Dotpay complies with security procedures providing the highest level of hackers' resistance. Such a document has been awarded to Yahoo!, Lycos, PriceGrabber.com and Amazon.
Security researches conducted by McAfee Inc. on daily basis confirm that Dotpay is the most secure online payment service, which successfully secures data and the system against hackers' attacks.
Thawte Web Server Certificate with EV (Extended Validation)
|
SSL certificate with an advanced validation with 256 bit coding providing the highest level of Internet webpage owner's standard authorisation. Any information sent between a user and a server is not used by the third party.
|
The certificate prevents from any data or information stealing which could be used to make a payment by the third party. Dotpay transaction webpages are shown on the green label for buyers and payers using online Dotpay.
PERSONAL DATA PROTECTION
Dotpay pays a great attention to its customers personal data protection. Confidentiality principles are available on Dotpay websites to all parties concerned. As data administrator, Dotpay Ltd. ensures that the data submitted is secure. The data is protected and secured especially against access by unauthorised persons. Your personal data is processed exclusively for the purpose of Dotpay services.
Information concerning you can be disclosed to authorised public bodies. Dotpay Ltd. grants you access to your own data, a right to demand the data update and cancellation.
What information do we gather and what do we do with it?
In line with the general rules for Internet connections, information contained in system logs (e.g. IP address) is used by Dotpay for technical purposes related to our servers administration. Dotpay uses cookies in order to supply services and content. In some cases, identification and customised (personalised) access to services rely on cookies. However, it is most often the case that the user’s authorisation, at least one, with a password is necessary during a session. Inactive cookies in the browser usually do not unable the use of our services, however, it can cause certain inconvenience.
Information gathered during registration
Users are requested to provide their details (first and last name, phone no., email address, etc.) in a registration form. These details are necessary to supply services. We can request confirmation of personal data by presenting an identity card. Submitted settlement related data is used to check whether a person meets registration terms and conditions and to collect fees for services. Contact data provided in the registration form is used for accounting purposes and to contact the customer (e.g. as part of customer service). Also, Dotpay uses data in the registration form to send out information about its operations and services to its customers. The customer can always opt out of from such correspondence by submitting a correspondence form available upon login to the website or by registered mail sent to the service owner.
Data disclosure
Dotpay does not disclose personal data to entities other than those entitled by the law.
Security
Dotpay ensures data security to its Users. Our security procedures protect data against unauthorised access. We take measures to protect the personal data base by restricting access to it. Only a small group of authorised persons can access the Users’ personal data.
Removal/Inactivation Procedure
Dotpay enables its Users to remove their data from the data base (also when they want to stop receiving correspondence). The customer can always opt out from such correspondence by submitting a correspondence form available upon login to the website or by registered mail sent to the service owner.
Data changes/modifications
Dotpay enables its Customers to modify data by submitting a correspondence form available upon login to the website or by registered mail sent to the service owner.