Organisation: Woods Group
PCI DSS Compliance Status: Compliant
Expiry Date: 30.05.2019
PCI DSS Version: 3.2
Woods Group Ltd (Woods) has been providing specialist fund-raising services for charities since 1998 and provides payment services for those charities which include the use of payment cards.
Woods processes card payments in three different ways. The primary channel is through the use of paper forms. These are completed by members of the public (supporters) and sent through the post to Woods. Woods staff then take the information from the forms and enter it into their processing application (Admin System) and the details are then sent via the application to a PCI compliant payment gateway called Creditacall.
The second method, which is rarely used involves customer service agents taking card details from when there are queries associated with the paper forms. The card payments are then processed in the same way as paper forms.
The third method is via the Woods website. The website does not handle cardholder data but simply redirects the supporter to Creditcall for payment to be made through its website.
Woods does not collect any sensitive authentication data as part of any of the above three processes.
Woods does not store any cardholder data.