GDPR & PCI DSS Compliance

Setting the Standard for Data Protection and PCI Compliance

Reliable, Compliant, Secure: Trust our Standards

Compliance Excellence in Every Transaction

GDPR Compliant

Complete adherence to General Data Protection Regulation standards for EU data privacy

PCI DSS Certified

Payment Card Industry Data Security Standard compliance for secure payment processing

Data Security

Advanced security measures protecting all customer and merchant information

NABEYOND LTD, TRADING AS CARTDNA

Enhancing Security, Embracing Compliance. For Nabeyond Ltd, trading as CartDNA, adherence to the General Data Protection Regulation (GDPR) and the Payment Card Industry Data Security Standard (PCI DSS) is critical to safeguarding data privacy and security and to fostering trust with customers.

Comprehensive Compliance Framework

Below is a comprehensive list of general principles and practices Nabeyond Ltd, through its CartDNA platform, follows under both GDPR and PCI DSS frameworks to ensure the highest standards of data protection and security.

GDPR Compliance for Nabeyond Ltd (CartDNA)

Comprehensive data protection measures in accordance with European Union regulations

Data Protection by Design and Default

Integrate data protection measures into the development and operation of CartDNA services from the outset.

Lawful Processing of Data

Ensure that all personal data handled through the CartDNA platform is collected and processed lawfully, transparently, and for specified, explicit purposes.

Accuracy of Data

Maintain the accuracy of personal data and allow for its updating or correction.

Storage Limitation

Retain personal data in a form that permits identification of data subjects for no longer than necessary.

Integrity and Confidentiality

Secure personal data against unauthorised or unlawful processing, accidental loss, destruction, or damage using appropriate technical or organisational measures.

Rights of Data Subjects

Facilitate the exercise of data subjects' rights, including access, rectification, erasure, restriction of processing, data portability, and objection.

Data Breach Notification

Implement procedures to detect, report, and investigate personal data breaches and notify the relevant authorities and affected individuals promptly when such breaches occur.

PCI DSS Compliance for Nabeyond Ltd (CartDNA)

Payment Card Industry Data Security Standard adherence for secure payment processing

Secure Network and Systems

Establish and maintain a secure network environment to protect cardholder data processed or stored by the CartDNA platform.

Protect Cardholder Data

Implement data protection strategies for the storage and transmission of cardholder data, including encryption techniques.

Vulnerability Management

Deploy anti-virus solutions and develop secure systems and applications to protect against malware and other cyber threats.

Access Control Measures

Restrict access to cardholder data on a need-to-know basis, assign unique IDs to users, and control physical access to data processing facilities.

Monitoring and Testing

Monitor access to network resources and cardholder data, and regularly test security systems and processes.

Information Security Policy

Develop and disseminate an information security policy among all employees and contractors involved with CartDNA operations.

General Compliance Practices

Employee Training

Conduct regular training sessions for employees on data protection laws, PCI DSS requirements, and security best practices.

Data Protection Impact Assessments (DPIAs)

Perform DPIAs for processing activities that pose a high risk to the rights and freedoms of individuals.

Vendor Management

Ensure that all third-party vendors and service providers comply with GDPR and PCI DSS standards as part of their engagement with Nabeyond Ltd.

Documentation

Maintain comprehensive documentation of data processing activities, security policies, and compliance efforts.

Our Commitment to Excellence

Nabeyond Ltd, through its operation of CartDNA, is committed to upholding the highest standards of data protection and security, ensuring compliance with GDPR and PCI DSS to protect customer data and maintain trust.

Compliance Questions?

Our compliance team is available to answer any questions about our GDPR and PCI DSS adherence and security practices.