[thelist] Credit card validation

Martin martin at members.evolt.org
Sun May 27 15:30:36 CDT 2001

Keith Davis wrote on 27/5/01 9:21 pm

>> > When I do this I also keep the amount, customer's name,
>> >and phone number on the server, just in case the email goes into a black
>> >hole. Never had it happen, but I sleep better knowing no customer is
>> >going to be left wondering if his money fell into a black hole.
>> This is A Good Thing. However, you'll need to cover it in your privacy
>> policy & notification, and if you're under EU data protection legislation,
>> it'll form part of your registration. No biggie, just another thing to
>> do as part of the process.
>I cordially disagree, it is a biggie. I neglected to mention that I do
>store such data on the server as securely as if I had the full
>transaction there. Habit. But, we do take privacy matters way too
>lightly on this side of the pond, at our own peril. Could you elaborate
>on the EU data protection legislation, or offer pointers to sites that
>can. We may not be required to meet EU requirements, but our public will
>be well served if we try.

Here's the EU directive (caveat linebreak):

The UK policy is pretty typical (although the German legislation
is generally more strict):

The key acts are the 84 and 98 Data Protection Acts:


email: martin at easyweb.co.uk             PGP ID: 0xA835CCCB
       martin at members.evolt.org      snailmail: 30 Shandon Place
  tel: +44 (0)778 068 6418                      Edinburgh,
  url: http://www.easyweb.co.uk                 Scotland

More information about the thelist mailing list