Common use of Access to the Sensitive Cardholder Data Clause in Contracts

Access to the Sensitive Cardholder Data. All Access to sensitive cardholder should be controlled and authorised. Any job functions that require access to cardholder data should be clearly defined.  Any display of the card holder should be restricted at a minimum to the first 6 and the last 4 digits of the cardholder data.  Access to sensitive cardholder information such as PAN’s, personal information and business data is restricted to employees that have a legitimate need to view such information.  No other employees should have access to this confidential data unless they have a genuine business need.  If cardholder data is shared with a Service Provider (3rd party) then a list of such Service Providers will be maintained as detailed in Appendix C.  Gateway Solutions s.r.o. will ensure a written agreement that includes an acknowledgement is in place that the Service Provider will be responsible for the for the cardholder data that the Service Provider possess.  Gateway Solutions s.r.o. will ensure that a there is an established process, including proper due diligence is in place, before engaging with a Service provider.  The Company will have a process in place to monitor the PCI DSS compliance status of the Service provider.

Access to the Sensitive Cardholder Data. All Access access to sensitive cardholder should be controlled and authorised. Any job functions that require access to cardholder data should be clearly defined.  Any display of the card holder should be restricted at a minimum to the first 6 and the last 4 digits of the cardholder data.  Access to sensitive cardholder information such as PAN’s, personal information and business data is restricted to employees that have a legitimate need to view such information.  No other employees should have access to this confidential data unless they have a genuine business need.  If cardholder data is shared with a Service Provider (3rd party) then a list of such Service Providers will be maintained as detailed in Appendix C.  Gateway Solutions s.r.o. NYCDOT will ensure a written agreement that includes an acknowledgement is in place that the Service Provider will be responsible for the for the cardholder data that the Service Provider possess.  Gateway Solutions s.r.o. NYCDOT will ensure that a there is an established process, including proper due diligence is in place, before engaging with a Service provider.  The Company NYCDOT will have a process in place to monitor the PCI DSS compliance status of the Service provider.

Access to the Sensitive Cardholder Data. All Access to sensitive cardholder should be controlled and authorised. Any job functions that require access to cardholder data should be clearly defined.  • Any display of the card holder should be restricted at a minimum to the first 6 and the last 4 digits of the cardholder data.  • Access to sensitive cardholder information such as PAN’s, personal information and business data is restricted to employees that have a legitimate need to view such information.  • No other employees should have access to this confidential data unless they have a genuine business need.  • If cardholder data is shared with a Service Provider (3rd party) then a list of such Service Providers will be maintained as detailed in Appendix C.  Gateway Solutions s.r.o. • Dorset Chamber will ensure a written agreement that includes an acknowledgement is in place that the Service Provider will be responsible for the for the cardholder data that the Service Provider possess.  Gateway Solutions s.r.o. • Dorset Chamber will ensure that a there is an established process, including proper due diligence is in place, before engaging with a Service provider.  The Company • Dorset Chamber will have a process in place to monitor the PCI DSS compliance status of the Service provider.

Access to the Sensitive Cardholder Data. All Access to sensitive cardholder should be controlled and authorised. Any job functions that require access to cardholder data should be clearly defined.  Any display of the card holder should be restricted at a minimum to the first 6 and the last 4 digits of the cardholder data.  Access to sensitive cardholder information such as PAN’s, personal information and business data is restricted to employees that have a legitimate need to view such information.  No other employees should have access to this confidential data unless they have a genuine business need.  If cardholder data is shared with a Service Provider (3rd party) then a list of such Service Providers will be maintained as detailed in Appendix C.  Gateway Solutions s.r.o. MMO GAMES C.V. will ensure a written agreement that includes an acknowledgement is in place that the Service Provider will be responsible for the for the cardholder data that the Service Provider possess.  Gateway Solutions s.r.o. MMO GAMES C.V. will ensure that a there is an established process, including proper due diligence is in place, before engaging with a Service provider.  The Company will have a process in place to monitor the PCI DSS compliance status of the Service provider.

Access to the Sensitive Cardholder Data. All Access to sensitive cardholder should be controlled and authorised. Any job functions that require access to cardholder data should be clearly defined.  • Any display of the card holder should be restricted at a minimum to the first 6 and the last 4 digits of the cardholder data.  • Access to sensitive cardholder information such as PAN’s, personal information and business data is restricted to employees that have a legitimate need to view such information.  • No other employees should have access to this confidential data unless they have a genuine business need.  • If cardholder data is shared with a Service Provider (3rd party) then a list of such Service Providers will be maintained as detailed in Appendix C.  Gateway Solutions s.r.o. • Aura Heating Limited will ensure a written agreement that includes an acknowledgement is in place that placethat the Service Provider will be responsible for the for the cardholder data that the Service Provider possess.  Gateway Solutions s.r.o. • Aura Heating Limited will ensure that a there is an established process, including proper due diligence is in place, before engaging with a Service provider.  • The Company will have a process in place to monitor the PCI DSS compliance status of the Service provider.

Access to the Sensitive Cardholder Data. All Access to sensitive cardholder should be controlled and authorised. Any job functions that require access to cardholder data should be clearly defined.  • Any display of the card holder should be restricted at a minimum to the first 6 and the last 4 digits of the cardholder data.  • Access to sensitive cardholder information such as PAN’s, personal information and business data is restricted to employees that have a legitimate need to view such information.  • No other employees should have access to this confidential data unless they have a genuine business need.  • If cardholder data is shared with a Service Provider (3rd party) then a list of such Service Providers will be maintained as detailed in Appendix C.  Gateway Solutions s.r.o. • The Company will ensure a written agreement that includes an acknowledgement is in place that the Service Provider will be responsible for the for the cardholder data that the Service Provider possess.  Gateway Solutions s.r.o. • The Company will ensure that a there is an established process, including proper due diligence is in place, before engaging with a Service provider.  • The Company will have a process in place to monitor the PCI DSS compliance status of the Service provider.