Jolly Williams

Privacy Policy

Our Commitment to Information Security

PaymentProcessor Inc. maintains a comprehensive Information Security Policy framework designed to protect the confidentiality, integrity, and availability of all systems and data.

Our policies are:

  • Formally documented and approved by executive leadership
  • Communicated internally to all employees and relevant stakeholders
  • Reviewed regularly to ensure alignment with evolving threats, regulatory requirements, and business objectives

Key policy areas include:

  • Access control and identity management
  • Data classification and handling
  • Incident response and breach notification
  • Vendor and third-party risk management
  • Business continuity and disaster recovery

We ensure that all personnel receive appropriate training and acknowledge their responsibilities under these policies.

Availability
Relevant policy summaries are available to customers and partners upon request, subject to confidentiality requirements.

Independent Validation of Our Security Practices

PaymentProcessor Inc. aligns its security program with internationally recognized standards and undergoes regular independent assessments.

Our certifications and attestations include:

  • ISO/IEC 27001 (Information Security Management Systems) – aligned controls and ongoing certification roadmap
  • PCI DSS (Payment Card Industry Data Security Standard) – for secure handling of cardholder data
  • SOC 2 Type II – independent audit covering security, availability, and confidentiality controls

We work with accredited third-party auditors to:

  • Validate the effectiveness of our controls
  • Identify and remediate risks
  • Continuously improve our security posture

Documentation Access
Certificates and audit reports are available upon request under non-disclosure agreements (NDAs).

Regulatory and Standards Compliance

PaymentProcessor Inc. is committed to complying with applicable legal, regulatory, and contractual requirements in all jurisdictions where we operate.

We adhere to:

  • Data protection regulations such as GDPR and other applicable privacy laws
  • Financial and payment-related regulatory obligations
  • Industry standards and contractual security requirements

Our compliance program includes:

  • Continuous monitoring of regulatory changes
  • Internal audits and risk assessments
  • Policy updates and control enhancements
  • Employee training and awareness programs

We maintain clear documentation demonstrating compliance and provide customers with transparency into our practices where appropriate.

Ongoing Privacy Governance

PaymentProcessor Inc. maintains a formal process for reviewing and updating its Privacy Policy to ensure accuracy, transparency, and compliance.

Our approach includes:

  • Scheduled reviews at least annually or upon significant changes
  • Legal and regulatory alignment with evolving privacy laws
  • Cross-functional input from legal, security, and product teams

We ensure that our Privacy Policy clearly explains:

  • What data we collect
  • How data is used and processed
  • Data subject rights
  • Data retention practices

Users are notified of material changes where required by law.