PCI DSS COMPLIANCE POLICY

I. Policy Statement

Company Name: Top Tombola

Website: toptombola.co.uk

This PCI DSS Compliance Policy states that all aspects of PCI DSS compliance for payment card data, including its protection, handling, and storage, are the responsibility of our third-party payment gateway, cashflows.com. Top Tombola ensures compliance by exclusively using cashflows.com’s services for processing payment card transactions.

II. Scope

This policy applies to all employees, contractors, and third-party vendors involved in payment processing at Top Tombola and is subject to compliance with cashflows.com’s policies and procedures.

III. Policy Objectives

    1. Ensure compliance with PCI DSS requirements through the use of cashflows.com’s services for payment card transactions.

    2. Securely process payment card data while transferring all compliance responsibilities to cashflows.com.

IV. Responsibilities

1. Management

Top Tombola’s management is responsible for:

    • Ensuring that all payment card data handling and compliance activities are outsourced to cashflows.com.

    • Regularly reviewing the compliance status and policies of cashflows.com to ensure their continued adherence to PCI DSS standards.

2. Employees

All employees must:

    • Follow cashflows.com’s procedures and guidelines for payment card data handling and processing.

    • Report any issues or concerns related to the security of payment card data to the relevant contact at cashflows.com.

    • Remain aware of their role in ensuring that payment card data is processed securely.

V. Payment Processing

All payment card data processed through the toptombola.co.uk website is redirected to cashflows.com, and cashflows.com is solely responsible for PCI DSS compliance, data protection, and secure payment processing.

VI. Security Measures

Top Tombola relies on cashflows.com to implement the following security measures to comply with PCI DSS:

    1. Encryption: Cashflows.com will use strong encryption mechanisms to protect payment card data during transmission.

    2. Access Control: Cashflows.com will maintain strict access control to limit access to payment card data to authorized personnel.

    3. Regular Monitoring: Cashflows.com will continuously monitor systems for security vulnerabilities and anomalies.

    4. Security Awareness: Cashflows.com will conduct regular training and awareness programs for their employees involved in payment card data handling and processing.

    5. Incident Response: Cashflows.com will have an incident response plan to address potential data breaches.

    6. Compliance Audits: Cashflows.com will regularly audit and assess their PCI DSS compliance and address any non-compliance issues promptly.

VII. Reporting and Non-Compliance

Cashflows.com is responsible for reporting any suspected or confirmed breach of payment card data security to the relevant authorities. Non-compliance with PCI DSS by cashflows.com should be addressed through their compliance procedures.

VIII. Review and Revision

Top Tombola will periodically review cashflows.com’s PCI DSS compliance and monitor their policies and practices to ensure ongoing adherence to PCI DSS requirements and evolving security standards.