Data security
Security and privacy have always been paramount at SurePay. Thus, SurePay is proud to be both GDPR and ISO/IEC 27001:2013 compliant. We are regularly audited by authorised third parties whom are able to perform an ISAE 3000 type II audit against all 114 information security controls outlined in Annex A of ISO/IEC 27001:2013.

GDPR Ready

ISAE 3000
Audit Type II Report

ISO 27001:2013
ISO 27001:2013 compliant

Cyber Essentials
Certified
Key information on Security, Compliance, Privacy
Security Standard:
The security of data and the availability of SurePay services is always our top priority. This is why we are ISO/IEC 27001:2017 compliant. In addition a ISAE 3000 type II audit is executed at SUREPAY B.V. each year with regard to an Information Security Management System in accordance with the ISO/IEC 27001:2017 framework.
A successful audit has shown that we comply with all points of the information security requirements standard.
General Data Protection Regulation (GDPR):
SurePay takes utmost care to adhere to the GDPR (EU) and AVG (NL) principles. As a company which handles your data on a daily basis, the safety of your data and protection of your rights is one of SurePay’s top priorities. Therefore, SurePay commits itself and its affiliates to all applicable data protection.
The exercise of your rights is safeguarded by internal policies, and for information on which data we process and why, please check our Privacy Statement on this website.