Data Protection
Vasu International Payment Solutions Inc. (Philippines), together with its affiliates, partnerships, or parent companies, (collectively, “VASU”) is a rapidly expanding international FinTech business. We provide customized payment solutions and process personally identifiable information (PII) on behalf of merchants which act as data controllers.
In addition to meeting our clients’ and business partners’ security expectations, we take a pragmatic methodology to information security and ensure that all privacy risks are identified, and necessary measures are taken to protect as far as possible personally identifiable information. VASU is implementing and maintaining appropriate technical and organizational measures in order to safeguard the rights and freedoms of the data subject.
While emerging as a leading premium payment service provider, we are committed to a sustainable growth based on sound security and privacy principles adherent to all applicable personal data regulations.
Security activities include but are not limited to:
-
- Regular conducting penetration and vulnerability tests of its payment solutions in line with PCI DSS requirements as well as conducting periodic onsite audits and addressing all significant vulnerabilities;
- Monitoring payment systems and receiving audits by an accredited body against PCI DSS requirements;
- Regular review and monitoring of systems VASU has deployed.
- Adherence to privacy by design principles as guiding principles for all development of systems processing personal identifiable information takes.
- Requirement for all vendors and subcontractors processing PII on our behalf or accessing our payment solutions to comply with applicable PCI DSS requirements.
Further we are committed to follow the basic principles for processing PII as defined by the EU GDPR:
-
- Lawfulness, fairness, and transparency – All PII are processed lawfully, fairly and in a transparent manner in relation to the data subject as agreed with the controller.
- Purpose limitation – VASU collects PII only for specified, explicit and legitimate purposes and not further processes in a manner that is incompatible with those purposes; At no time PII is used for other purposes other than that agreed with the controller.
- Data minimization – VASU ensures that collection and storage of PII is adequate, relevant, and limited to what is necessary in relation to the purposes for which they are processed.
- Accuracy – VASU ensures that data are accurate and, where necessary, kept up to date; every reasonable step is taken to ensure that personal data that are inaccurate, having regard to the purposes for which they are processed, are erased, or rectified without delay.
- Storage limitation – PII is kept in a form which permits identification of data subjects for no longer than is necessary for the purposes for which the personal data are processed or as legally required.
- Integrity and confidentiality – PII is processed in a manner that ensures appropriate security of the personal data, including protection against unauthorized or unlawful processing and against accidental loss, destruction, or damage, using appropriate technical or organizational measures.
- Accountability – While VASU is acting as processor of PII, VASU is supporting the controller of PII in its responsibility to demonstrate compliance.
In case of any concern or question, please contact our Data Protection Officer via operations@vasu.global
*** Services and solutions offered through Vasu International Payment Solutions Inc., are subject to business approval, geographical availability, and regulatory authorization, and there is no guarantee that the product will become available in a specific timeframe, or to a specific customer group or geography. You should carefully conduct your own investigations and analyses in connection with any participation with the services and solutions, including your objectives, risk factors, fees, and expenses and the information set forth in these materials. All prospective users of the services and solutions described herein are advised to consult with their legal, accounting and tax advisers regarding any potential participation. Services and solutions are subject to change pending availability, regulatory approval, and market conditions. Additional information is available upon request