GDPR


Can customers request to have data deleted or removed in accordance with the right Privacy by Design?

Yes. From 26 May 2018 onward, such requests can be emailed to [email protected]

Does MultiSafepay have a Data Protection Officer?

Yes, MultiSafepay has appointed a dedicated Data Protection Officer. This person is also registered with the Dutch Data Protection Authority (AP) and can be contacted by sending an email to [email protected]

Does MultiSafepay have a standard processing agreement?

Since online payments processing is the primary activity of MultiSafepay, we are a data controller, responsible for keeping it, and not a so-called (sub)processor, responsible for processing it any way. For this reason, we have added an addendum, which includes a number of provisions similar to a processing agreement.

Does MultiSafepay perform a pen test regularly in order to test security measures?

Yes. In accordance with, among other things, our PCI DSS certification, we regularly perform checks on our security including the pen test (ethical hacking). A so-called pen test (or penetration test) is a test for evaluating the security of a system by simulating cyberattacks and trying to find vulnerabilities that can be removed.

Is the acquired data used for commercial purposes?

No, absolutely not. The acquired data is solely used for the purpose of processing online payments. For all other purposes, explicit consent is requested before using (personal) data.

Is the stored data anonymized?

Yes. MultiSafepay’s number one priority is to protect the privacy of users. All acquired data is stored as anonymized to the highest extent possible.

What happens with the data after it is no longer used?

According to a standard procedure - in accordance with Dutch law and legislation-, the data is automatically destroyed as soon as it is no longer used.

What steps does MultiSafepay take to ensure data protection?

MultiSafepay has taken several measures to ensure the protection of your data, e.g. the use of specific software, company policy, procedures, and operational guidelines within our organization. The requirements set by the Payment Card Industry Data Security Standard (PCI DSS) are taken into account. MultiSafepay is PCI DSS certified, meaning that all stored customer data is encrypted.

Where does MultiSafepay store data?

MultiSafepay has two certified data centers in the Netherlands. Therefore, all collected data remains within the European Union.

Who can access or view the acquired data and for what purpose?

A few certified/cleared employees have very limited access to this data, strictly on a ‘need-to-know’ basis.

Other languages

Liever uitleg in het Nederlands? Neem contact op met uw accountmanager.

Vuoi ricevere informazioni in italiano? Contatta il tuo account manager.

Prefieres tener la explicación en Español? Contacta con tu gerente de cuentas.

Vous préférez une explication en français? Contactez votre gestionnaire de compte.