Security by Design

Achieving the highest level of security and data privacy has, and always will be, fundamental to the way SurePay operates, and we are proud of the standards we maintain. Our solution is both GDPR and ISO/IEC 27001:2017 compliant. In addition, it is subject to regular ISAE 3000 type II audits by authorised and recognised third parties.

For more information about our security and GDPR performance

View our security certifications


Certificates SurePay

Important information of SurePay's compliance with security and privacy regulation

GDPR Compliance

At SurePay we handle customer data every day, and we have no higher priority than ensuring this data is protected at all times.  

We take the utmost care to ensure full compliance with GDPR principles and standards regarding the safe processing of personal data. 

Information Security Management

Equally important is to ensure the security and availability of all SurePay's services - and our performance on this is second to none.

Every year our Information Security Management Systems are subjected to an ISAE 3000 type II audit, and these confirm our full compliance with ISO/IEC 27001:2017 requirements.

For more information on what data we process and why, please check our Privacy Statement.


Compliance & Security

How will Brexit affect the provision of your Service in the UK?

In our article on Brexit, at ‘’Brexit, a new year but not a new service!’’ we explain in depth what the Brexit means for our UK Service provision.

I would like information on a specific transaction or Account Number

You can always contact us at [email protected] with questions regarding the exercise of your rights as a Data Subject. SurePay aims to help you with any requests for information, rectification or other requests regarding your data. In some cases, we might ask you to contact your Data Provider based on your request. For more information you can always check our Privacy Statement.

How do you keep my data safe?

Any data processed in the solution is encrypted, adheres to the OWASP Application Security Verification Standard and can only be accessed by the name matching functionality itself. Throughout the design of the SurePay solution, the main principle has been “Security by Design".

Besides that, we do thorough third-party assessments with all our suppliers and partners ensuring a high level of security in the first instance.

View all questions