Learn more about Lightspeed's data security measures, where to find detailed information in our Trust Center, and your responsibilities as a business owner in protecting your customers' data.
This article is provided for general informational purposes only and is not intended to provide legal advice. You should consult with your own legal counsel for advice about requirements governing your specific circumstances. For details on our privacy and security practices, visit the Lightspeed Trust Center.
Protecting merchant data
At Lightspeed, we take data privacy and security seriously. In our Trust Center, you can learn about how we protect and handle your personal data. The Trust Center contains important details about our privacy and security practices, including:
- Privacy policy: How we collect, use, and protect data.
- Data processing agreement: Legal rules for how we handle information.
- Data retention policy: How long information is kept and how it's safely deleted.
- Data security policies: Steps we take to keep information secure.
- Data privacy request option: Ask for a copy of the information we've collected from you.
Understanding your responsibilities
As a business owner, you have a responsibility to protect any sensitive personal data you handle from your customers, like credit card and cardholder details.
While you should consult with legal counsel for advice about requirements governing your specific circumstance, there are some basic data security principles that all businesses should follow:
- Maintain PCI compliance: PCI compliance involves adhering to a specific set of security standards designed to protect cardholder data. By maintaining PCI compliance, you reduce the risk of experiencing a data breach or fraud involving your customers' personal information.
- Obey data privacy laws: Privacy laws, like the General Data Protection Regulation (GDPR) in the European Union or the California Consumer Privacy Act (CCPA) in the state of California, protect consumer privacy by controlling how businesses handle customer data. Research and follow all relevant laws in your area to ensure your business operating policies are compliant.
- Train your employees: Implement a formal security awareness program to make all employees aware of the importance of data security.