PCI Compliance

The PCI Security Standards Council offers robust and comprehensive standards and supporting materials to enhance payment card data security. These materials include a framework of specifications, tools, measurements and support resources to help organizations ensure the safe handling of cardholder information at every step. The keystone is the PCI Data Security Standard (PCI DSS), which provides an actionable framework for developing a robust payment card data security process -- including prevention, detection and appropriate reaction to security incidents.

Pozzani Pure Water plc are classified as a Level 3 Merchant by both VISA and MASTERCARD and as such our merchant services provider (HSBC/Global Payments) require that supply an annual assessment of our IT infrastructure as well as quarterly audits of our website security, which have to be conducted by a third party organisation - In our case such services are provided by McAfee Inc. (www.mcafeesecure.com).

Taking data security seriously is one of our primary concerns when it comes to the experience of users shopping online at www.pozzani.co.uk. Our servers are located in a secure environment, we have an in house coding team to ensure the website is checked and any faults are resolved promptly, our firewall profiles are regularly checked for consistency and we operate technologies such as SSL to ensure any information sent between you the user and our site is kept confidential.

Putting the user first
Where problems do arise we undertake to investigate a customers transaction and provide a detailed report within 7 working days. Whilst every case which we have investigated to date has demonstrated our systems have not been to blame, we understand card fraud can be a stressful and worrying experience and should you have any concerns please do not hesitate to contact us. Naturally with cards being used almost daily these days, our company name may be one of many on your statement - Many companies will simply reject any such enquiries as being 'another companies problem'. Whilst we are confident of our security, we believe the best method of ensuring we stay that way is to thoroughly investigate all incidents, regardless of how unlikely the scenario.

Our current status, last assesed in August 2013 was COMPLIANT