- PCI DSS Level 1
- The data platform inherits the PCI DSS Level 1 service-provider posture the vault and switch sit under; sub-merchants inherit the posture.
- Data-warehouse posture
- Warehouse connectors respect the merchant's own data-processing region; EU merchants can keep the pipeline inside the EU perimeter.
- GDPR alignment
- Personal-data handling in analytics follows the platform's GDPR posture; card PAN is never rendered in dashboards — vault tokens are the identifier.
- Scheme programme visibility
- Visa VDMP / VAMP / VFMP and Mastercard ECP / EFMP positions surfaced per acquirer; the merchant sees where they stand without waiting for the acquirer to report it.
- Audit-grade event log
- Every routing-policy edit, refund and dispute action logged with actor identity, timestamp and reason code — analytics rest on tamper-evident data.
- Licensed verticals only
- Licensed gaming, regulated financial services and other compliance-bound verticals supported only where current operating licences exist. Grey and black-market verticals are out of scope regardless of the analytics on offer.