The General Data Protection Regulation (GDPR) is a regulation of the European Union to standardize rules for the processing of personal data. Since you as a merchant process personal data of your customers, you are a so-called controller in terms of data protection. You must therefore actively inform card holders regarding the processing of their personal data.
The most important obligations for merchants according to GDPR:
- Attach a clearly visible cash desk notice for card holders (display stand, sticker or notice) in the checkout area:
- Provide an information sheet with the information required by the GDPR on the acquirer, their data protection officers and relevant supervisory authorities in the checkout area (download information sheet).
Our privacy policy for card holders can be found here (Download Privacy Policy for cardholders).