Payment Security Policy

PCI DSS & Payment Security Policy for www.mytimeats.com

1. Introduction

This PCI DSS & Payment Security Policy outlines how Myti Meats protects the sensitive payment card data of our customers to ensure compliance with the Payment Card Industry Data Security Standard (PCI DSS). The policy applies to all systems and processes that handle, store, or transmit payment card information.

2. Payment Card Information Security

Myti Meats commits to maintaining the highest levels of security for payment card data. We ensure that:

  • Cardholder Data (CHD) is never stored in any unencrypted format on our systems.
  • Payment transactions are processed via secure, PCI DSS-compliant third-party payment processors.
  • We use strong encryption (SSL/TLS) to protect payment data during transmission.
  • Payment details are immediately discarded after transaction authorization.

3. Secure Payment Gateways

All payments made on www.mytimeats.com are processed through a trusted, PCI DSS-compliant third-party payment gateway. This ensures that customer payment data is handled securely, and we do not store sensitive cardholder information on our servers.

4. Access Control and User Authentication

Access to systems that process payment data is restricted and controlled:

  • Only authorized personnel have access to payment processing systems.
  • Strong, unique passwords and two-factor authentication (2FA) are used to secure all administrative access to sensitive payment data.

5. Regular Security Testing

We perform regular vulnerability assessments, including:

  • Penetration testing of the website and payment systems.
  • Vulnerability scanning of the website and server environment, performed quarterly by a PCI Approved Scanning Vendor (ASV).
  • Security audits to ensure compliance with PCI DSS requirements.

6. Data Encryption

All cardholder data (CHD) that is transmitted over the internet is encrypted using SSL/TLS protocols. This ensures that sensitive information, including card details, is protected during the transaction process.

7. Secure Storage

At no point do we store sensitive cardholder information (e.g., full credit card numbers, CVV codes) on our website or internal servers. Any data related to payments that must be stored for operational purposes is encrypted and handled in compliance with PCI DSS standards.

8. Compliance with PCI DSS

Myti Meats complies with the PCI DSS requirements set by the Payment Card Industry Security Standards Council. We ensure that:

  • Systems processing card payments are protected against unauthorized access.
  • Our website undergoes regular security updates to address potential vulnerabilities.
  • Employee training programs are conducted regularly to raise awareness about security best practices.

9. Incident Response

In the event of a data breach or security incident involving payment card data:

  • We will immediately notify affected customers and relevant authorities.
  • We will work with forensic investigators to identify and mitigate the breach.
  • We will notify customers and ensure they understand the actions taken to secure their data.

10. Customer Responsibilities

Customers are encouraged to ensure:

  • Their device is secure and not compromised by malware or phishing attacks.
  • They use strong, unique passwords for their accounts on www.mytimeats.com.
  • They immediately report any suspicious activity to our customer support team.

11. Updates to this Policy

This policy will be reviewed regularly and updated to ensure continued compliance with PCI DSS and industry best practices. Customers will be informed of any material changes to this policy.


 

For further information on PCI DSS compliance or payment security practices, please contact our customer support team at hello@mytimeats.com.