Data Security/Personal Cardholder Information Clause Samples

Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Servicer or the applicable Card Brand, except as expressly authorized in writing by the Cardholder, or as required by law. (a) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will (a) ensure the confidentiality of Cardholder Information; (b) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (c) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (d) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant or Servicer in accordance with applicable federal and state laws, rules, regulations and guidance. Merchants transacting in electronic commerce must: offer Cardholders secure transaction methods such as SSL or 3-D Secure; install and maintain network firewalls; regularly update security patches; restrict and track employee access to all data relating to Cardholders and Card transaction (“Data”); encrypt all stored Data sent over open networks; use only approved or validated payment software applications; establish policies for properly managing use and allocation of passwords; and consistently assess and revise security systems and processes.
View SourceView Similar (24)
Data Security/Personal Cardholder Information. Except as otherwise provided by the Network Rules, Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Provider or the applicable Card Network, except as expressly authorized in writing by the Cardholder, or as required by Law or the Network Rules.
View SourceView Similar (21)
Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Peoples Trust or the applicable Card Association, except as expressly authorized in writing by the Cardholder, or as required by law.
View SourceView Similar (18)
Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services or Merchant has reason to believe the identity of the person presenting the Card may be different from that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Settlor or the applicable Card Association, except as expressly authorized in writing by the Cardholder, or as required bylaw. PayArc acknowledges that while cardholder information is in its possession it is responsible for the security of such cardholder data and any ensuing storage, processing or transmitting activity on behalf of the customer and would, to that extent only, be responsible for and store and secure such cardholder information under normal industry standards. (a) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will (i) ensure the confidentiality of Cardholder Information; (ii) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (iii) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (iv) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant, ISO, or Bank in accordance with applicable federal and state laws, rules, regulations and guidance.
View SourceView Similar (11)
Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honouring Cards unless such information is required to provide delivery of goods or services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Servicer or the applicable Card Association, except as expressly authorized in writing by the Cardholder, or as required by law. (a) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will (a) insure the confidentiality of Cardholder Information; (b) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (c) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (d) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant in accordance with Data Privacy Requirements and applicable Laws. (b) Compliance with Data Privacy Requirements and Card Association Data Security Rules. Merchant represents, warrants and covenants that it is and will remain throughout the term of the Merchant Agreement, in compliance with obligations pertaining to the collection, use, disclosure, retention of Cardholder Information including, data security, data integrity and the safeguarding of such information as set out in the Data Privacy Requirements in effect and as may be amended, supplemented or replaced. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will (a) insure the confidentiality of Cardholder Information; (b) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (c) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (d) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will cause all of its Representatives to comply with the Data Privacy Requirem...
View SourceView Similar (6)
Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services or Merchant has reason to believe the identity of the person presenting the Card may be different from that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Settlor or the applicable Card Association, except as expressly authorized in writing by the Cardholder, or as required by law. PayArc acknowledges that while cardholder information is in its possession it is responsible for the security of such cardholder data and any ensuing storage, processing or transmitting activity on behalf of the customer and would, to that extent only, be responsible for and store and secure such cardholder information under normal industry standards.
View SourceView Similar (4)
Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Paysafe or the applicable Card Association, except as expressly authorized in writing by the Cardholder, or as required by law. A) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will (a) ensure the confidentiality of Cardholder Information; (b) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (c) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (d) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant in accordance with Data Privacy Requirements and applicable Laws.
View SourceView Similar (3)
Data Security/Personal Cardholder Information. Except as otherwise provided by the Network Rules, Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Provider or the applicable Card Network, except as expressly authorized in writing by the Cardholder, or as required by Law or the Network Rules. (a) Safeguards. Merchant will maintain appropriate administrative, technical and physical safeguards for all Cardholder Information. These safeguards will (i) ensure the confidentiality of Cardholder Information; (ii) protect against any anticipated threats or hazards to the security or integrity of Cardholder Information; (iii) protect against unauthorized access to or use of Cardholder Information that could result in substantial harm or inconvenience to any Cardholder; and (iv) properly dispose of all Cardholder Information to ensure no unauthorized access to Cardholder Information. Merchant will maintain all such safeguards applicable to Merchant in accordance with applicable Law and the Network Rules.
View SourceView Similar (2)
Data Security/Personal Cardholder Information. (a) You may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Amex Cards unless such information is required to provide delivery of goods or services or You have reason to believe the identity of the person using the Amex Card to make the relevant payment may be different than that of the Cardholder. (b) You will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Us or Amex, except as expressly authorized in writing by the Cardholder, or as required by law. (c) You also agree to comply with the following requirements:
View Source
Data Security/Personal Cardholder Information. Merchant may not, as a condition of sale, impose a requirement on Cardholders to provide any personal information as a condition for honoring Cards unless such information is required to provide delivery of goods or services or Merchant has reason to believe the identity of the person presenting the Card may be different than that of the Cardholder. Merchant will not, under any circumstances, release, sell or otherwise disclose any Cardholder Information to any person other than Processor or the applicable Card Association, except as expressly authorized in writing by the Cardholder, or as required by Applicable Law. In addition, Merchant shall ensure that all service providers with access to cardholder data are submitted to and approved by the Processor prior to access to Cardholder data being granted. Moreover, the Merchant must ascertain that each service provider is certified as compliant with the Payment Card Industry Data Security Standard (PCI DSS) before access is granted. The Merchant is also responsible for validating (a) Safeguards. Merchant will maintain appropriate administrative, technical
View Source