The following applies to users of the Goodeats website, Goodies app and any customer who registers their details in store.
- We never see your full card number, this is handled by our PCI compliant payment payment processing integrations.
- Goodtill’s infrastructure was accredited for PCI compliance in 2019. The audit was carried out by a third party information security company accredited by the PCI council. This included a review of our IT infrastructure, security defences and data handling policies.
- Security scans are run on Goodtill’s systems every 3 months.
- Goodtill’s software developers are trained in secure software development techniques every 6 months.
- Automated processes are in place to allow Subject Access Requests and deletion of customer data as defined by GDPR.
If you have any questions, please contact our data controller at email@example.com