Legal documents
The company undergoes yearly audits to prove compliance, together with our auditors we identify any potential risks of data leakage, alongside checks on security policies and processes. Successfully validated compliance results in an attestation of compliance (AOC), aiding hoteliers in fulfilling requirement 12.8 from the PCI DSS on service provider management.
PCI DSS, short for the Payment Card Industry Data Security Standard, contrasts with the GDPR as it is not a law but a standard defined and maintained by an independent entity created by major payment card brands. To accept credit cards from brands like VISA and MasterCard, compliance with this security standard is essential. The PCI DSS is essentially a collection of best practices or rules for handling sensitive payment card data entrusted by your guests to prevent data breaches and fraud.
TwikPMS prevents the entry of cardholder information into unsecured fields. All data previously entered will be automatically removed. Please be aware, TwikPMS does not retain or have access to full card numbers. For enhanced security, only the last four digits, holder name, brand & expiration of the card are stored.
If you have any questions, please contact support.