Data & Security
As a leading cloud EPOS company, we are fully committed to ensuring the highest levels of data security and risk management for our clients. Our approach is built upon a robust framework that not only leverages the secure and reliable services provided by Amazon Web Services (AWS) but is also fully compliant with data protection laws. We are registered with the Information Commissioner's Office (ICO), under the register certificate number ZA431180, demonstrating our commitment to data protection and privacy.
Information Commissioner’s Office (ICO) Compliance
SPARK EPoS complies with the UK General Data Protection Regulation (UK GDPR) and the Data Protection Act 2018, ensuring that all customer and business data is processed lawfully, fairly, and transparently. As a responsible data controller, we:
- Register with the Information Commissioner’s Office (ICO) and adhere to data protection regulations.
- Implement strict policies to manage data collection, storage, and sharing.
- Provide customers with control over their personal data, including access, correction, and deletion requests.
Security Measure
Our Commitment to Excellence in Cloud EPOS Solutions
Risk Assessment
SPARK EPOS implements a rigorous risk assessment framework that identifies, evaluates, and prioritises potential threats and vulnerabilities to our systems and data. Through regular assessments, we ensure a robust understanding of the landscape in which we operate.
Risk Mitigation
SPARK EPOS ensures system safety through advanced monitoring and regular updates. With SIEM technology and continuous security training, we stay ahead of cybersecurity threats and trends.
Compliance
SPARK EPOS strictly adheres to global data protection regulations and industry standards, including GDPR and PCI DSS. We are proud to hold certifications that demonstrate our commitment to regulatory compliance and data protection excellence.
Continuous Monitoring and Improvement
SPARK EPOS ensures system safety through advanced monitoring and regular updates. With SIEM technology and continuous security training, we stay ahead of cybersecurity threats and trends.
Partners in Protection
Cloud Server
Our cloud infrastructure is hosted on Amazon Web Services (AWS), a globally recognized platform that provides robust security, scalability, and compliance with industry standards. AWS security features include:
- Data Encryption – All stored and transmitted data is encrypted using advanced security protocols.
- Regular Security Audits – AWS undergoes frequent audits to maintain certifications such as ISO 27001, SOC 2, and PCI DSS.
- 24/7 Threat Monitoring – Continuous monitoring and protection against unauthorized access, cyber threats, and vulnerabilities.
SPARK EPoS partners with Viva.com to provide secure, PCI-compliant payment processing with advanced fraud prevention. Viva.com ensures PCI DSS compliance, tokenization, AI fraud detection, and EMV chip security, along with multi-layered protection including P2PE encryption, DDoS protection, and real-time threat monitoring.Â
Our Hardware
SPARK EPoS partners with SUNMI, a globally recognized leader in secure payment solutions. Our SUNMI-powered devices meet industry-leading security standards, including PCI PTS 6.X, EMV compliance, and certifications from major card networks (Visa, Mastercard, Amex, etc.). To protect sensitive payment data, we implement Secure Element (SE) and Trusted Execution Environment (TEE) technology, ensuring encryption, isolation, and protection against unauthorized access. Our end-to-end security framework covers key management, software security, cloud communication, and lifecycle security, safeguarding transactions from manufacture to decommissioning. Additionally, TLS-encrypted terminal-cloud communication and strict access controls ensure data integrity and prevent cyber threats. SPARK EPoS and SUNMI ensure secure, compliant, and fraud-resistant transactions for your business.
