Edge operates in accordance with the following principles relating to Client Data:
Our business, your data
Edge integrates into the business systems of its clients to access Client Data to enable the Client to get a better view of its business metrics and derived insight. Edge acknowledges that Client Data and information and their management is critical to Client’s business. This policy does not form part of our Terms and Conditions but uses the same defined terms and sets out how Edge intends to manage Client Data.
Categorise and manage
Every piece of Client Data Edge receives, and the data Edge derives from it is assigned a category which determines how Edge manages that data.
Categories
Data Edge receives from retailers and assigned categories
Data Edge device, and assigned categories
Policy on data aggregation
The primary principles is that any aggregated data released by Edge must be anonymized so that the source of the data cannot be identified from the data by reverse engineering. This involves:
All three criteria must be satisfied for the data to be both meaningful and anonymized, and therefore usable.
EdgePetrol would not expect data to be useful, usable or necessarily anonymized if any one of the above contributes more than twenty five percent (25%) of the sample size or data.
PCI-DSS Compliance (All Territories) / GDPR (Europe & UK Only)
EdgePetrol does not acquire, hold, or process cardholder data as defined by the Payment Card Industry Data Security Standard (PCI-DSS), and maintains measures to prevent the acquisition of such data, and instructs and trains its staff not to seek to acquire such a data.
The Client acknowledges and accepts its responsibility, and responsibility for any of its agents and third-party service providers, to not share cardholder data either by electronic transfer, or by grant of system access to cardholder data environment (CDE), or through any other means of communications with EdgePetrol, and to maintain systems to ensure compliance.
Non-compliance by the Client will amount to a breach of the standard terms and conditions pursuant to which notice of termination may be given if not remedied in accordance with the terms. These obligations also apply under the GDPR and other data protection systems and both EdgePetrol and the Client mutually warrant compliance.