In this article
This article discusses Lightspeed's data security measures and where to find detailed information about them in our Trust Center. It also covers your responsibilities as a business owner in protecting your customers' data.
This article is intended to provide general information, not legal advice. You should consult with your own legal counsel for advice about requirements governing your specific circumstances.
For details about our privacy and security practices, visit the Lightspeed Trust Center.
Protecting our customers' data
At Lightspeed, we understand your data is important, and we're committed to keeping it safe. That's why we take data privacy and security very seriously.
In our Trust Center, you can learn about how we protect and handle your personal data. The Trust Center contains important details about our privacy and security practices, such as our:
- Privacy policy: Explains how we collect, use, and protect your data.
- Data processing agreement: Contains the legal rules for how we handle your information.
- Data retention policy: Describes how long we keep your information and how we delete it safely.
- Data security policies: Outline the steps we take to keep your information secure.
- Data privacy request option: Enables you to ask for a copy of the information we have collected from you.
Understanding your responsibilities
As a business owner, you have a responsibility to protect any sensitive personal data you handle from your own customers. The most common types of personal data present in a restaurant are credit card and cardholder details.
While we recommend consulting with legal counsel for advice about requirements governing your specific circumstance, there are some basic data security principles that all businesses should follow:
- Maintain PCI compliance: PCI compliance involves adhering to a specific set of security standards designed to protect cardholder data. By maintaining PCI compliance, you reduce the risk of experiencing a data breach or fraud involving your customers' personal information.
- Obey data privacy laws: Privacy laws, such as the General Data Protection Regulation (GDPR) in the European Union or the California Consumer Privacy Act (CCPA) in the state of California, protect consumer privacy by controlling how businesses handle customer data. Research and follow all relevant laws in your area to ensure your business operating policies are in legal compliance.
- Train your employees: Implement a formal security awareness program to make all employees aware of the importance of data security.