If by any issues the changes that we make will affect the way your data are used, the customer will be notified by email or phone, appropriately. The customer may object to changes in use of his/her personal data by contacting us. Our customer service will support you on this matter.
When the customer enters into agreement of accessing Gate2Payments’s services, we may collect and process the following information about you:
This information and other will be necessary in order to fulfill your request, process your payments details, provide support services and monitor fraudulent activities.
Our primary purpose in collecting your information is to provide you with a safe, efficient, and customized experience. Your information will be used in the following matters:
We are committed to ensure that your information is secure. To prevent unauthorized access or disclosure of information, we have physical, electronic and managerial procedures in place to keep your information safe. Gate2Payments has the highest level of payment security; we are PCI level 1 Certified. All sensitive payment information is securely locked away and safe.
Gate2Payments must at the customer’s request give the customer sufficient information so that the customer can supervise that such technical and organizational security measures have been installed. The customer bears all costs in this connection, including for Gate2Payments’s time used.
Card Tokenization is a process that consists of converting very important data within a unique signature. This technology allows to convert all data that we protect into unreadable generated values. This therefore gives full security to the system and allows our software to keep the customers data locked down.
Tokenization replaces subtle payment data with token that cannot be mathematically reversed. Tokenization is allowing all the merchants to control the storage of cardholder data and simplifying object’s valuation against the PCI DSS. As a result, this technology protects all data from A to Z, which makes it unbreakable.
All transfers, in the payment system, of the customer’s credit card data from the customer to Gate2Payments as well as Gate2Payments’s storage of such data happen in encrypted form. Gate2Payments uses in this connection an SSL-certificate issued by GlobalSign. The validity of the SSL-certificate can, at any time, be verified on Gate2Payments’s homepage.
Gate2Payments is performing daily backup of all servers and systems. The backup is carried out and stored according to the conditions for VISA/MasterCard’s PCI-certification. The PCI compliance requirements can be seen on VISA’s homepage.
If the customer loses data due to conditions that Gate2Payments’s is responsible for, Gate2Payments will assist the customer in re-establishing these data on the basis of the last functioning backup. The customer cannot make further claims against Gate2Payments regarding any loss of data.
If the customer loses data due to conditions that Gate2Payments is not responsible for, including the customer’s own conditions, Gate2Payments will, including a separate cost, assist the customer in re-establishing the data from the last functioning backup to the extent possible. However, the customers are recommended to always make backups of their own data.
In relation to the establishment of the present agreement, the customer is given a username and password, which the customer must use to access the administration of his/her payment solution at Gate2Payments.
The customer should always keep his/her username and password confidential. If the customer suspects that a third party has knowledge of his/her password, the customer must immediately inform Gate2Payments about it.
Gate2Payments can make requirements to the length and complexity of the customer’s password, and can at any time discretionarily require that the customer change his/her password.
All of Gate2Payments’s servers are equipped with an updated antivirus program.
The customer should secure his/her computers with updated antivirus program. If Gate2Payments, at several occasions, receives virus or similar from the customer, Gate2Payments can interrupt the connection to the customer, and can also require that the customer installs and updates an antivirus program.
Gate2Payments’s IT-systems are certified and security approved according to the PCI-standard of VISA/MasterCard and undergoes a yearly IT-revision, performed by a recognized IT-security firm.
Quarterly, a recognized IT-security firm is performing scanning of Gate2Payments’s servers and network in order to increase security and avoid unauthorized intrusion.
Gate2Payments tries to avoid any misuse of its services, but cannot guarantee that misuse or intrusion in Gate2Payments’s IT-systems cannot happen.
If the customer suspects a misuse of credit card data or Gate2Payments’s services, or that intrusion in Gate2Payments’s IT-systems has happened or will happen, Gate2Payments must be informed. Likewise, the customer must immediately inform Gate2Payments if he/she has been victim of misuse of credit card data or attempt to or actually intrusion of the IT-systems that the customer uses.
If Gate2Payments considers that the customer is misusing the payment system, violating the security regulations and guidelines issued by Gate2Payments or provider, or that misuse is happening from a domain belonging to the customer, Gate2Payments is without warning entitled to cease the customer’s use of the payment system or deny access to the payment system from the domain in question.
Gate2Payments disclaims any responsibility, if the customer has not complied with the security regulations and guidelines issued by Gate2Payments or provider, with whom the customer has made an agreement. References to the relevant security regulations and guidelines are stated in Gate2Payments’s ”Getting started guide”. In the guide it is also stated where the security regulations and guidelines can be found.
The customer is not entitled to forward card data to his/her own or third party’s servers, unless the payee, including the customer him/herself, is specifically PCI-certified.
If Gate2Payments discovers that the customer carries out such forwarding,Gate2Payments will interrupt immediately the customer’s use of Gate2Payments’s services. The customer can only regain access to Gate2Payments’s services when he/she can demonstrate compliance with all legal requirements and PCI-rules for payees.
Gate2Payments is in such cases entitled to inform the relevant authorities and companies, including the providers etc., just as Gate2Payments can require that the customer inform specific authorities, companies and/or cardholders.
Gate2Payments complies with the at any time existing legislation for its firm and its services. Gate2Payments complies with the requirements from the related acquirers, VISA and MasterCard, and with the PCI-standard.
The customer is obliged to comply with the existing legislation, conditions imposed by the provider(s), with whom the customer has made agreement as well as the current conditions for payees in the PCI-standard.
Gate2Payments does not assume responsibility for the legality of the customer’s use of the payment system or the content of the data sent by the customer in connection with the solution. It is solely the customer’s responsibility to comply with legislation towards his/her own customers and third party.
The customer indemnifies Gate2Payments for any claim that third party or public authorities might rise against Gate2Payments in the case of alleged violations of third party rights or the customer’s violation of existing legislation or conditions imposed by a provider. In the case of such requirements, Gate2Payments is without warning entitled to suspend the customer’s use of Gate2Payments’s services.
Your personal information will be disclosed to any members of our staff, including: Owner, COO, Account Managers and other staff members. This may be necessary in order to fulfill your request, process your payments details, provide support services, and monitor fraudulent activities. In order to avoid any conflicts related to disclosure of your personal information, a Non-Disclosure Agreement will be signed.
The Recipient agrees that Confidential Information will be made available only to Representatives of the Recipient who:
If your enquiry is regarding technological questions, billing or invoicing, or the integration of your solution, please use the contact forms.