Our goal is to be as flexible and fast as possible in terms of delivering services to our -customers, while maintaining the highest standards in security and compliance (Jan Saan, CTO)
The goal of CM.com's Information Security is to protect your informational assets against all internal, external, deliberate or accidental threats. We aim to preserve confidentiality, integrity and availability of your data. This means that your data only should be accessed by those with the rights to view it, the data can be relied upon to be accurate and processed correctly and finally, that data can be accessed when needed.
CM.com has support personnel on-site 24/7. Our analysts are continuously monitoring security, performance and connections to suppliers and customers from our Network Operations Centre (NOC).
CM.com actively follows relevant changes in legal and compliance requirements, with extensive focus on, for instance, GDPR regulations. More about this can be read below.
IT security is a high priority within CM.com. Clear security guidelines are available and all employees are briefed on their responsibilities to continuously contribute to this.
CM.com validates the results of monitoring the data to improve our infrastructure, coding practices, overall security & compliance and the effectivity of our monitoring processes.
On May 25th 2018, the General Data Protection Regulation (GDPR) will come into effect, replacing current privacy regulations. By then, all companies handling personal data will need to adhere to the regulation and be able to demonstrate their compliance to the GDPR.
As a responsible processor and a responsible controller, CM.com has embraced the principles that lie at the base of the GDPR. Moreover, we regularly revisit them to assure our compliance. We have all necessary tools in place to conform to the principle of accountability. Some examples are: a data controller register, data processor registers, and our specific Data Privacy Impact Assessment (DPIA). We follow data privacy principles in the development of all our services.
In addition, we have set up a GDPR compliance roadmap and took corrective actions where necessary. We updated our terms and conditions in April 2018 to comply with the upcoming GDPR and the processing of personal information by CM.com. In updating our terms and conditions, CM.com ensures that we provide you with a service that is compliant, and takes into account the latest regulations,techniques and functionalities in payments.
An APSP (Certified Merchant Payment Service Provider) is an intermediary who mediates between merchants and acquirers with processing debit card payments. Merchants are businessmen and organisations who accept debit card payments (receive). Acquirers are parties that approve and process debit card transactions, such as some banks and transaction processors.
CM.com is a Certified Merchant Payment Service Provider (APSP) and has full authorisation to process debit and credit card payments.
CPSP stands for Collecting Payment Service Provider. The certification means that the Payment Service Provider was approved by the Betaalvereniging (Dutch Payments Association) and also has an agreement with the Acquiring Bank for accepting iDEAL which is licensed by the Betaalvereniging (Dutch Payments Association).
• VBIN - Verenigde Betaalinstellingen Nederland (United Payment Institutions of the Netherlands)
• Visa Europe
• Betaalvereniging Nederland (Dutch Payment Association)
• Thuiswinkel Waarborg (Dutch home shopping guarantee organisation)
• Payment Service Directive (PSD)
• PCI DSS Compliancy (Payment Card Industry Standard)
As part of CM.com, CM Payments combines the latest in payments solutions with the technical expertise of the CM Platform.
CM Payments is an internationally operating provider of payment services, with customers such as Albert Heijn, the Dutch government and ParkMobile.
In order to receive payments, it is important that the system is online and functional. That's why we offer 24/7 monitoring and support from our Network Operations Center.
Selecting a country will show relevant information for that region and may change the language.