Privacy and Security

We’re invested in protecting your enterprise activity, data and account information

PCI DDS COMPLIANCE

Protecting payment card information

To protect our systems from breaches and cardholder data theft, our marketplace and gifting platform are PCI DSS (Payment Card Industry Data Security Standard) compliant.

We regularly monitor and test networks, maintain and enforce internal Information Security Policies, engage third party auditors and use ethical hackers (penetration testers) to simulate cyber attacks to identify any vulnerabilities in our IT systems, email services, payment processing and network components.

ISO 270001 CERTIFICATION

Safeguarding sensitive data

A data breach is devastating for every party involved. To protect your organization, your IT group may require your technology sellers to be ISO 27001 certified. This ensures a seller maintains an ISMS (Information Security Management System) that adheres to internationally recognized security best practices.

Our ISO 27001 certified ISMS consists of internal policies, procedures and other safeguards involving our staff, platform accounts, website users, processes and applications. Independent auditors from the Certification Board routinely review our ISMS during every certification period.

GDPR COMPLIANCE

Your privacy is our policy

GDPR (General Data Protection Regulation) is more than just asking your permission to accept cookies. GDPR is about your rights over your personal data -whether you live in the EU or not.

CorporateGift engages third party auditors to review and inform our GDPR compliance, and is certified by the U.S. Privacy Shield Framework. Our Privacy Policy outlines in detail how we collect and use your personal information, and how you can opt out of our use of personal and account.