In message <4C518C84E74AD911B0CC0002A5EF4D93464570@CARL57>, at 17:18:46
on Wed, 20 Jul 2005, Fiona Musgrave <[log in to unmask]> writes
>Any advice would be gratefully received. How long should credit card details
>be retained once the payment has been completed?
Speaking as an ex- mail-order and cardholder-not-present business
proprietor, you need to concentrate hard on what you mean by "payment
has been completed".
I have had people challenging payments (via their card company) going
back as far as three years. Sometimes, almost successfully. (I have in
mind one case when a parent was complaining that their offspring had
been using their card for some time, and they'd only just noticed).
Looking from the other end of the telescope, what do your T&C say to
your customers about the time limit on challenging credit card payments?
As a consumer, I look rather critically at vendors who claim that I
can't challenge a Credit Card payment that happened more than (eg) 90
days ago.
I think I would keep the credit card numbers, account name, amounts of
payment, expiry dates (if applicable) and any authorisation codes issued
by the card company, for as long as I kept any records at all about the
transaction. I wouldn't record the security code (on the signature
strip), because the card companies prohibit that.
If you were a telco, Charles Clarke would like you to keep the details
for a minimum of a year (but no more than three years) in case your
customer turned out to be wanted by the police.
--
Roland Perry
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
All archives of messages are stored permanently and are
available to the world wide web community at large at
http://www.jiscmail.ac.uk/lists/data-protection.html
If you wish to leave this list please send the command
leave data-protection to [log in to unmask]
All user commands can be found at : -
http://www.jiscmail.ac.uk/help/commandref.htm
Any queries about sending or receiving message please send to the list owner
[log in to unmask]
(all commands go to [log in to unmask] not the list please)
^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^
|