Why the Focus on Security?

Security is of utmost importance to us at Mercaux and is why we’ve invested a lot of time and resources into ensuring we comply with best-in-class industry standards. Below is a list of official certifications and independently assessed accreditations that we have secured so our customers can be assured of the quality, safety, and efficiency of our products, services, and systems.
  • PCI DSS Certification
  • Empower and engage customers with rich content in-store
    ISO 27001 Certification
  • Improve efficiency and increase UPT & Conversion
    GDPR Compliance Certification
  • Improve efficiency and increase UPT & Conversion
    Coming Soon...
  • Improve efficiency and increase UPT & Conversion
    Coming Soon...

Heavy Retailer’s data

Security details

  • 1. Data is transfered from your systems to our Cloud using secure connections
  • 2. Data is securely stored in our Cloud leveraging AWS security
  • 3. Connection between Mercaux Cloud and Applications is encrypted in TLS 1.3
  • 4. No sensitive data is transfered as part of Heavy Retailers Data

Clienteling integration security

Security details

  • 1. Mercaux does not store Personal Informations
  • 2. Customer data is loaded on request via API
  • 3. All forms of API authentication are supported
  • 4. Customer data is removed upon the end of the session, logout or termination of the App
  • 5. Mercaux team does not have access to any Personal Data

OMS and Payment integration security

Security details

  • 1. Mercaux is PCI DSS level 1 service provide certified
  • 2. Mercaux doesn’t store, process or transmit cardholder data
  • 3. All supported Chip and PIN devices are PCI compliant

Authentication security

Security details

  • 1. Mercaux provides its own secured authentication and authorisation which is subject to External Penetration Testings on a regular basis
  • 2. Mercaux can also integrate with SSO Providers

Analytics and Public API

Security details

  • 1. Access to Analytics via the portal is restricted to specific role and user permissions
  • 2. External access to Public API requires a unique API Key provided on request only
  • 3. Analytics data does not contain any sensitive information and is almost entirely anonymised

Contact Us for a Personal Demo

Please fill out your details and we’ll be in touch with a link for you to choose a convenient time: