At myPOS, we prioritize the security and privacy of our customers' data. As a registered financial institution, we adhere to the highest industry standards to ensure your information is protected. Below are the key aspects of our security and privacy practices.
Data Collection and Protection
myPOS is duly registered as a personal data administrator with the Commission for Personal Data Protection under number 0050022. All customer data is collected, transferred, and maintained in accordance with the principles of the EC Directive 95/46 on the protection of personal data and the Data Protection Act, 2002 of the Laws of Bulgaria.
To open, maintain, use, and close the E-money Account and associated payment instruments, and to use the services provided by myPOS, we require the following information from our clients:
Personal Information:
- First name and surname
- Date of birth
- Place of birth
- Email address
- Nationality
- Registered address
- Mobile telephone number
- Identification Document Details:
- Type of identification document
- Issue date
- ID number
- Issuing authority
- Additional Details: As may be requested
For funding the Account, clients may choose to provide information about their credit card, debit card, or other payment instruments. myPOS may send verification codes to the client's mobile phone number to confirm certain actions. This information is crucial for processing transactions, issuing new passwords if forgotten, protecting against identity theft and credit card fraud, and contacting clients when necessary.
Personal Information Management
All personal information, photos, and copies transmitted to myPOS during online identification are considered personal information under applicable legislation and are treated according to this Privacy Policy. Such information is recorded and kept on secured Microsoft cloud space and secured servers, complying with AML/FT and personal data protection laws.
Secure Infrastructure
Personal data provided by the client, as well as data from third parties such as state and international authorities competent in fraud prevention, is stored electronically on servers located in TIER 4 data centers in Europe. These centers offer the highest level of communication coverage, security, and access control. Our advanced systems provide real-time monitoring and protection against suspicious activities. A dedicated team of information security specialists works closely with our engineering teams to ensure the security of our applications, data flow, and infrastructure.
Licenses and Certifications
myPOS is PCI DSS certified, undergoing annual audits to maintain this status. The PCI Data Security Standard (DSS) ensures the highest security standards for handling cardholder data, created by Visa, MasterCard, and other leading credit/debit card providers. As a licensed and regulated Electronic Money Institution, myPOS follows strict customer funds safeguarding procedures. We do not reinvest customer funds and are required by law to keep our finances separate, offering greater protection than standard bank deposits.
Fraud Prevention Mechanisms
Real-time monitoring and protection against suspicious transactions, data traffic, and behavior are constantly in place to ensure smooth operations. Two-factor transaction authorization and limits are available to every myPOS merchant.
Funds Protection
myPOS merchants benefit from 24/7 money monitoring, automatic fraud prevention, real-time notifications, transaction limits, and webhooks for specific events. All monetary operations require authorization, with instant notifications sent to your mobile device for every transaction, making it difficult for fraudulent activities to go unnoticed. This gives you peace of mind that you have full control over your account, funds, POS devices, and payment card.