Security & Data-Transmission Policy

Enquire Now
Contact Us

1. Commitment to secure payment processing

JVP Limited is committed to protecting your payment card data in accordance with the requirements of PCI DSS — the global standard for secure handling of cardholder data. Westpac NZ Audit Board

2. How payments are processed

  • We use a secure, third-party payment gateway to handle card transactions.
  • Cardholder data (card number, expiry, CVV) is encrypted during transmission using industry-standard SSL/TLS.
  • We do not store full credit card data on our servers. Only minimal transaction metadata (e.g. confirmation, masked card reference) is kept where necessary.

This ensures we remain out of scope for most of the higher-risk PCI DSS requirements. PCI Security Standards Council

3. Data Transmission and Encryption

All payment pages are served over HTTPS (SSL/TLS). Cardholder data is encrypted both in transit and — where stored — at rest. Access is restricted to authorised personnel only.

4. Access control & restricted storage

We follow “least privilege” principles: only employees who need to access payment metadata can do so, and full payment card details are never exposed.

5. Compliance and ongoing security

As a business that handles online payments, we commit to:

  • Using a PCI-compliant payment processor (gateway) Eftpos Help Centre
  • Regularly reviewing and updating security settings on our payment systems and web server
  • Promptly addressing any security vulnerabilities or incidents
  • Adhering to PCI DSS best practices (firewalls, secure server configuration, restricted access, encryption) Audit Board


6. Customer trust & transparency

When you make a payment on our site, you are assured that:

  • Payment is processed securely
  • Your card details are not stored by us
  • Data transmission is encrypted and protected


If you have any questions about payment security, data handling, or your transaction, please contact our support team:

Email: [email protected]
Phone: 02102584770