Who is Ogone
Ogone is a company offering technical solutions to process online payments in e-commerce, MoTo and other sectors. Ogone is the interface between acquirers, banks, merchants and consumers, which is processing their online payments.
PCI DSS Compliance
To protect your data and prevent misuse, Ogone is using up to date technologies, follows strict verifications rules and works with experienced specialists. All data is encrypted before storage, only encrypted data is transmitted.
Ogone is compliant with the Payment Card Industry Data Security Standard (PCI DSS). This certification and its rules are set by Visa, MasterCard, American Express... This standard guarantees save storage and handling of your credit card and bank account data under highest data security standards.
Security Measures
Ogone undertakes all reasonable steps to protect any personal or sensitive information collected or processed by Ogone. Ogone implements, amongst others, the following measures: protection of its servers by firewalls, strict password control of database access and encryption of sensitive data. This list is not exhaustive.
Data Collection
Personal data is processed according to the Belgian National Law and the EU Directive 95/46 as of October 24th 1995.
Merchant Data
In order to be able to set up an Ogone account, Ogone needs to store personal information of the merchant. This information is requested from the merchant during your registration process for an Ogone account. This data is updated by the merchant, or on demand by Ogone.
Consumer Data
Ogone uses the merchants' websites and the online forms of the payment page only to collect and transmit data which is necessary to process your payments. This is for example the amount you have to pay, the currency and payment method you use to pay etc. Additional information, the merchant needs to be able to process your order, is collected (e.g. details on the order, delivery and billing address etc.). This data is stored for each transaction in order to be able to process the transaction and if necessary to check it. For fraud prevention reasons, Ogone is furthermore storing the IP-address of the computer, which was used to place the transaction.
Ogone does not collect any sensitive personal information, in particular with regard to race, religion or political affiliation.
Log-Files
To deliver secure and reliable services, Ogone is storing log-files. These contain information on data transfer between the involved parties.
Cookies
A cookie is a text file placed on your hard disk by a web page server. Cookies cannot run programs or put viruses on your computer. Cookies are allocated to you individually and can only be read by a web server in the domain that sent the cookie to you.
The principal function of cookies is to add convenience and save you time. For example, a cookie helps Ogone to remember, between two visits, the language you have chosen.
You can accept or refuse cookies. Most web browsers automatically accept cookies, but you can usually change your browser's settings to refuse them if you wish.
The use of cookies is not necessary to view the public part of the site of Ogone. The use of cookies is compulsory only to access your private space after you opened an Ogone account. You can therefore set your Internet browser to refuse cookies.
Use of data
Merchant data
Merchant data collected by Ogone is only used to carry out the contractual services both parties agreed on.
Consumer data
Information collected by Ogone is used to execute the entire online payment transaction process, which was instructed by the consumer between him and the merchant.
Data storage
Data collected by Ogone is stored for an adequate time to process the online payment/fulfill the contract between the merchant and Ogone. Highest security standards are applied on data storage, all compliant to Payment Card Industry Data Security Standard (PCI DSS).
Circulation of data to third parties
Circulation of consumer data to merchants
Merchants connected to Ogone can only access stored data of their customers. Credit card data is excluded from this access. Merchants can not access customers' credit card data via Ogone, neither via the Ogone website nor via e-mail or mail.
Credit card numbers are stored separately from the database which is accessible by the merchants. To Merchants only a part of the credit card number is visible, in order to enable them to clear their accounts. With Visa and MasterCard only the last four digits are visible to the merchants. With other credit card and bank account numbers, the part which is visible to the merchant depends on the length of the number. The complete number is never visible to them.
Merchants are only given access to complete credit card numbers if a special request from the merchant’s acquirer/bank was placed with Ogone. The bank account number is never stored if Payment on delivery or offline bank transfer is used as payment method for the transaction.
No merchant has access to consumer data, which is not related to a transaction between him and a certain consumer.
Circulation of data to service provider in the frame of transaction processing
Ogone will not sell or rent private data to third parties. Furthermore, Ogone will not share private date with third parties, unless it is necessary to fulfill the contract/transaction you have with Ogone, or you have given Ogone your allowance. Situations when your data is transferred to third parties are the following:
Ogone may share data with certain trusted partners, whose contribution is necessary to perform the payment process in the context of technical partnerships. Data might for example be shared with the post to send out invoices, the Visa, MasterCard, American Express... processors to process your payment to the merchants or to service providers to undertake analyses on behalf of Ogone.
These third parties are forbidden to use your personal information for any purpose other than the provision of these services to Ogone, and are obliged to keep your information confidential.
Monitoring your personal information
You will receive a confirmation of your payment via e-mail. This mail includes the essential information you have given while placing your order with the merchant.
Contact
Any questions or complaints relating to the collection and processing of your personal information should be sent by email to the following address: privacy@ogone.com. At this address you can also request to change or have your personal data, stored by Ogone, deleted. Ogone will answer your request within a reasonable time. You can also send your requests in writing to the following address:
Ogone BVBA/SPRL
Woluwedal/Boulevard de la Woluwe 102
B – 1200 Brussels
BELGIUM
If you are contacting Ogone via letter, e-mail, phone of by fax, Ogone is storing your personal information in order to be able to answer your request. Ogone will evaluate this information to prevent potential fraud and noncompliance with our general terms and conditions, and to improve our customer service.
Deletion of data
As soon as your information is no longer necessary to process the above mentioned services, your data will be deleted.
If storage of data is necessary for tax reasons, it will be stored and blocked for every other use.
The use and processing of your personal information can be withdrawn at any time, effective for the future, by sending an e-mail to privacy@ogone.com.
Updating of this Policy
Ogone may update this privacy clause at any time without prior notice, e.g. to be compliant with legal requirements.
Ogone encourages you to consult this clause regularly to find out how your information is protected.