How we keep your data secure

The following applies to users of the Goodeats website, Goodies app and any customer who registers their details in store.

  • We never see your full card number; it is handled by our PCI-compliant payment processing integrations.
  • Goodtill’s infrastructure was accredited for PCI compliance in 2019, and the accreditation is currently valid until July 2024. The audit was carried out by a third-party information security company accredited by the PCI council. This included a review of our IT infrastructure, security defences and data handling policies.
  • Security scans are run on Goodtill’s systems every 3 months.
  • Penetration tests are run against Goodtill's servers and applications every year.
  • Goodtill’s software developers are trained in secure software development techniques every 6 months.
  • Automated processes are in place to allow Subject Access Requests and deletion of customer data as defined by GDPR.

If you have any questions, please contact our data controller at gdpr@thegoodtill.com