Security policy
Monavate has made security our top priority to ensure that customer records and transaction are kept secure at all times.
Data security
Monavate monitors the use of our systems, which are protected using industry best practice security measures. Encrypted connections are used to communicate to our system to protect customer information, such as financial information and information that customers input to the Monavate website.
Third party websites
The Monavate website may contain links to third-party websites. Monavate have no control and is not responsible for security measures, policies or practices of other websites. It is recommended that customers review relevant policies prior to use of any other website.
Account creation
If any Monavate service requires you to create an account, you must complete the registration process by providing us with current, complete and accurate information as prompted by the applicable registration form. During account creation, you will be required to create a username and password. You are entirely responsible for maintaining the confidentiality of your password and account and for all activities that occur under your account. Monavate will not be liable for any loss that you may incur as a result of your account being misused.
Unlawful use
As a condition of your use of Monavate services, you will not use the services in any manner that could damage, disable, overburden, or impair any Monavate service, or interfere with any other party’s use and enjoyment of any Monavate service. You will not attempt to gain unauthorised access to any services, other accounts, computer systems or networks connected to any Monavate service. You will not obtain or attempt to obtain any materials or information through any means not intentionally made available through Monavate services.
Reporting a security event
A security event is any attempted or successful unauthorised access, disclosure, or misuse of our services, including hacking and theft.
Please immediately report any suspected security events to our Security function by emailing the details of the event to security@monavate.com
PCI DSS Compliance
CISP compliance (Cardholder Information Security Programme) is required of all service providers that store, process, or transmit cardholder data. The program applies to all payment channels, including face-to-face retail, mail and telephone order, and e-Commerce (online payments). Compliance with CISP means compliance with the Payment Card Industry Data Security Standard (PCI DSS) with the required program validation by independent assessors. The PCI DSS is a single approach to safeguarding sensitive data for all card brands.
The PCI Data Security Standard consists of a number of basic requirements and corresponding sub-requirements to protect against cardholder data exposure and compromise. These are summarised as follows:
Building and maintaining secure networks;
Protecting sensitive data;
Maintaining a vulnerability program by developing and maintaining secure systems and applications;
Implementing and managing strong access controls;
Regular monitoring and testing; and
Maintaining information security policies.
Monavate is PCI DSS Level 1 certified, the highest level of card data security.
Transaction security
All transaction information passed between merchant sites and our systems is encrypted using industry best practice and certificates to ensure identity and non-repudiation. Cardholder information is never passed unencrypted and any messages sent to your servers from us are secure and tamper-proof via encryption technologies.
Encryption and Data Storage
Once on our systems, all sensitive data is secured using industry best practice standards and solutions.
Reporting a security event
A security event is any attempted or successful unauthorised access, disclosure, or misuse of our services, including hacking and theft.
Please immediately report any suspected security events to our Security function by emailing the details of the event to security@monavate.com