Privacy Policy

How safe are my credit card details?

A: Here at Viola Organics’ we are as concerned about the safety of your credit card details as you are. In line with PCI DSS (PCI Data Security Standard) compliance the website has undergone an upgrade in software and all payments are now processed externally via Paystation – see updated information below from Paystation.

If you choose to subscribe to Viola Organics’ regular e-mail newsletter, we will e-mail you on a monthly basis with special offers, deals and information. This service is completely discretionary. If you no longer wish to receive the newsletter, simply follow the unsubscribe instructions contained within the e-mail.

In addition to Viola Organics Ltd safeguards, your personal data is protected in New Zealand by the Privacy Act. This provides, among other things, that the data we hold about you should be processed lawfully and fairly. It should be accurate, relevant and not excessive. The information should be kept up to date, where necessary, and not retained for longer than is necessary. You have the right to see what is held about you and correct any inaccuracies. Viola Organics Ltd treats all the data held with the utmost care and security. Any details you give will remain completely confidential.  We do not sell or share any information about individual users.


“Always a hot topic, and there continues to be a lot of buzz around card scheme compliance levels and general security standards at the moment.  The card schemes (VISA and MasterCard in particular) are getting hot on achieving high security compliance levels.  So here’s the noise on Paystation’s compliance levels”.

In addition to being a Paymark Partner, Paystation has been Payment Card Industry (PCI) Account Information Security (AIS) Data Security Standard (DSS) compliant since 2006 (that’s PCI AIS DSS for the acronym lovers out there).  We can confirm that our standard operating procedures meet or exceed the SIGS guidelines (the applicable aspects of SIGS, Chapter 8 and all of SIGS, Chapter 8, Annex A). We can also confirm that we meet or exceed the standards set in AS/NZS ISO/IEC 17799 Code of Practice for Information Security Management.  We use Confide as our PCI QSA and general security auditors.

Our servers are hosted in the Netspace Services Limited secure data centre in Wellington, New Zealand with Disaster Recovery servers running in the Netspace Services Limited secure data centre in Auckland, New Zealand. 

Our PCI compliance Certificate of Compliance is available on our website here:

Back to top