Payment Security Statement

For the purpose of making payments in our web shop (xwhitesmile.com), you use CorvusPay – an advanced system for secure online acceptance of payment cards. 

CorvusPay ensures complete privacy of your card data from the moment you enter them in the CorvusPay payment form. The payment data are forwarded in encrypted form from your browser to the bank that issued your card. Our shop never comes in contact with the full data about your payments card. In addition, such data are unavailable even to CorvusPay operators. An isolated core independently transmits and manages sensitive data while at the same time keeping them completely secure.

The form for entering payment data is secured by SSL transport code of maximum reliability. All data stored are additionally protected by encryption, using a cryptographic device certified under the FIPS 140-2 Level 3 standard.

CorvusPay satisfies
all requirements for secure online payment as prescribed by the leading credit card brands and operates in compliance with the PCI DSS Level 1 standard – the highest security standard of the payment card industry. Payments made using a card included in the 3-D Secure program are further authenticated by your bank in addition to their validity, confirming your identity through via a token or a password.

All information
collected by Corvus Info is classified as bank secrets and treated accordingly.
This information is used exclusively for its intended purposes. Your sensitive
data are fully secure and their privacy is guaranteed by state-of-the-art safeguards. Only data that are necessary for business purposes are collected, subject to stringent
online payment procedures.

Security controls and operating procedures applied to our infrastructure ensure the current reliability of the CorvusPay system. In addition, they permanently maintain and enhance the system security levels and protect your card data by maintaining strict access controls,  conducting regular security and in-depth system checks for preventing network vulnerabilities and by systematically implementing the relevant provisions for information security.