Trust & Compliance
At My Centre Office (“MyCo”), we take security, privacy, and payment compliance seriously. Our platform is designed to provide a safe, reliable environment for all merchants and their customers.
1. Payment Security (PCI DSS SAQ-A)All card payments processed through MyCo are handled exclusively by PCI DSS–certified payment service providers, including:
- Paystack
- Flutterwave
- Stripe
- Customers enter card details directly on the provider’s hosted checkout page.
- MyCo never stores or processes cardholder data.
- Platform fees are automatically applied using split payments where applicable.
2. Cyber Essentials Certification
MyCo has achieved Cyber Essentials certification, demonstrating that we have implemented:
- Secure configuration of systems and servers
- Access control and user authentication
- Protection against common malware and threats
- Patch management and vulnerability management
3. GDPR & Data Protection
MyCo is registered with the UK Information Commissioner’s Office (ICO) and complies with UK GDPR. Key points:
- Data we process: Contact details, interactions, subscription and payment metadata.
- Data protection lead: MyCo has a designated owner responsible for GDPR compliance.
- Privacy Policy: View here
- Data Processing Agreement (DPA): View here
- Subject Access Requests (SARs)
- Data retention and deletion
- Breach notification procedures
Merchants using MyCo retain responsibility for:
- Maintaining their own internal security and compliance where applicable
5. Why Choose MyCo
- Payments are processed on PCI-certified infrastructure
- Platform is Cyber Essentials certified
- Fully GDPR-compliant with Privacy Policy and DPA
- Transparent, auditable, and designed for merchant trust