Alert Banner Text Goes Here Alert Banner Text Goes Here Alert Banner Text Goes Here Alert Banner Text Goes Here
Bottomline logo
Start Now
Get in Touch Support

We are providing this information in accordance with the requirements of the EU Data Act. Please note that this information is applicable to customers based in the EU and may differ for customers outside the EU.

The below table sets out the locations where our infrastructure is based for the Subscription Services provided to EU based customers.

Infrastructure Locations
Product Name Infrastructure Location(s)
PTX United Kingdom
Financial Messaging

United Kingdom for our UK Bureau Customers
Switzerland for our Swiss Bureaux Customers
Singapore for our Singapore Bureau Customers
Global Payments Hub & Cash Management The Republic of Ireland and The Netherlands
CFRM United Kingdom & Switzerland

 

The below table describes how data can be exported by EU based customers from the Subscription Services in the event they wish to terminate their contract with us. We adhere to open standards and interoperable interfaces in order to simplify this process for our customers.

Data Export & Portability
Product Name Can data be Exported? Category of Data Method of Data Export Format/Structure of Exported Data
PTX X Data Uploaded by the Customer to the PTX Service. Files can be exported individually from the user interface. CSV
An API can be used to extract multiple or all files – please contact our support team for further assistance with this.
Bacs processing, Bacs files and Bacs reports collected via the Payment Services Website. Files can be exported individually from the user interface. Original format as received from Bacs using the schemas defined by the customer’s sponsoring bank.
An API can be used to extract multiple or all files - please contact our support team for further assistance with this.
Financial Messaging X Financial Messages transitioning through the FM Service. Archives (files) are downloadable through SFTP. Textual data (positional, sequential)
Global Payments Hub & Cash Management X Static data, payment data, statement data, financial data and user data. VIA file export/Import, API export/Import, via email reports, and manually via the user interface. CSV, PDF, XLS, Json
CFRM X All Data available in the CFRM Investigation Center. Data can be exported from the user interface. CSV

 

We are committed to protecting our customers’ data from unauthorised access. The safeguards listed below help us protect our customers’ data.

Data Safeguards
Product Name Safeguards
PTX
  • Customer data held within the solution is encrypted in transit and at rest.
  • Access to customer data is restricted to those who need-to-know in connection with the provision of the solution.
  • Access to customer data is monitored and assured by internal and external audits.
  • The solution undergoes regular internal and third‑party security testing.
  • The solution is ISO 27001 compliant
  • Anyone with access to Customer data is subject to mandatory information security training and strict contractual confidentiality obligations.
Financial Messaging
  • Customer data held within the solution is encrypted in transit and at rest.
  • Access to customer data is restricted to those who need-to-know in connection with the provision of the Solution.
  • Access to customer data is monitored and assured by internal and external audits.
  • The solution undergoes regular internal and third‑party security testing.
  • The solution is SOC 2 compliant
  • Anyone with access to Customer data is subject to mandatory information security training and strict contractual confidentiality obligations.
Global Payments Hub & Cash Management
  • Customer data held within the solution is encrypted at rest and in transit.
  • Access to customer data is restricted to those who need-to-know in connection with the provision of the solution.
  • Access to customer data is monitored and assured by internal and external audits.
  • The solution undergoes regular internal and third‑party security testing.
  • The solution is SOC 2 compliant.
  • Anyone with access to Customer data is subject to mandatory information security training and strict contractual confidentiality obligations.

Any request for international governmental access to our customers’ data will be reviewed by our legal team, required to meet the necessary legal requirements and adhere to the processes set out in our Terms and Conditions with our customers. For information about how we protect personal data please see our privacy terms, our UK Customer Privacy Terms are available here, and our Swiss Customer Privacy Terms are available here.