For faster tracking of your Tax Free shopping refund, download our app. Or enter your voucher details below.
There is no need to include any spaces or hyphens - just the numbers and letters only.
If you have a query about your tax refund progress, please click here.
We are sorry but barcode number:
Wasn't found in our system.
For more information, please click here to provide specific information for us to help you. (Please have your voucher number to hand.)
Each of our vouchers has a unique barcode number - you can usually find it at the top of your voucher.
If you need further help, please use the links below:
We're waiting to receive your stamped vouchers.
We will update your tax refund status once we receive your Tax Free form.
If you have queries on the refund status, please fill out this form for your voucher(s).
PCI compliance is the three step process of implementation, adherence, and proof of compliance of the security standards set by the PCI Security Standards Council. These standards were developed to facilitate industry-wide adoption of uniform data security practices. They are designed to protect cardholder data from the point of sale, through transaction and in some cases the long term storage of that information.
PCI compliance is required of ALL organisations that accept, transmit, or store any credit card information. This is regardless of size and processing method, and includes service providers (processors, website hosting companies, gateways, etc.). The only merchants that do not need to become PCI compliant are those that ONLY accept cash.
In order to become PCI compliant, merchants are required to complete and pass a Self-Assessment Questionnaire (SAQ) annually, perform quarterly network vulnerability scans (only if the merchant processes or transmits cardholder data through the Internet).
A merchant must complete and pass a SAQ once a year, assuming the method in which the merchant’s business accepts processes and stores transactions stays the same. If the business’s processing, transmitting or storing methods change, the merchant should review the SAQ and make the appropriate changes to ensure their PCI compliance remains validated.
Merchants storing, processing, or transmitting cardholder data over the Internet should pass a network vulnerability scan performed by an Approved Scanning Vendor (ASV) every 90 days. Similar to the SAQ requirements, if something were to change on the network that is processing cardholder data (e.g. a new router is installed), another scan should be performed to ensure that the business continues to properly secure this data with the new hardware or software.
PCI Compliance is a requirement by the card associations, Planet Payment and our Sponsor Banks. Complying with the PCI DSS requirements greatly reduces the risk that a business falls victim to a data breach of any customer’s sensitive cardholder data. Data breaches can be very damaging for businesses and can result in severe fines, possible lawsuits, expensive forensic audits, and a negative business reputation.
Additionally, customers are often wary of their credit card information being stolen, PCI compliance offers customer’s peace of mind that their sensitive data is being protected with the highest industry standards. Businesses that are validated PCI compliant tend to see higher rates in consumer confidence.
The consequences of non-compliance range in severity from simple fees to substantial fines that could ultimately result in a company going out of business. The fallout increases dramatically after a merchant experiences a data breach.
Even before a data breach occurs, businesses are exposed to the following consequences:
After a merchant experiences a data breach, the business can be exposed to the following consequences:
A data breach occurs when someone unlawfully penetrates a credit card data handling system and the data is stolen for malicious use, whether by external hackers or employees.
As mandated by the PCI Security Standards Council, merchants must validate their compliance by completing an SAQ (Self-Assessment Questionnaire) every year.
For those merchants who process, store or transmit cardholder data on the Internet, a network vulnerability scan may also be required every 90 days.
It’s important to note that if a merchant changes the way they process credit/debit card payments or the way they handle customer’s sensitive cardholder data, they should review and confirm that their answers on the SAQ accurately reflect the changed method(s).
Panoptic is a technology security company that Planet Payment has contracted with to handle and assist our merchants in becoming PCI compliant. Panoptic is part of Sysnet Global Solutions, which is both a Qualified Security Assessor and Approved Scanning Vendor, certified by the PCI Security Standards Council.
In order to provide comprehensive validation of PCI compliance Planet Payment has chosen Panoptic to handle that task. Planet values the relationship they have with all of their customers and in order to provide the best possible service we have chosen Panoptic and allowed them to work with you directly to become PCI compliant.
The fees associated with the PCI compliance service is $6.95 per month. Any Merchant that fails to validate PCI compliance will be charged a non-compliance fee of $49.95 per month.
All merchants that accept debit/credit transactions as a method of payment are required to be PCI compliant. Please be aware that failure to do so could lead to adverse action against your merchant account which may include a $49.95 non-compliance fee and possible termination of your merchant account.
We have designed the program in order to allow you to quickly provide the information to us since you have already asserted your PCI compliance. If it has been more than a year, it is likely that your validation of compliance has expired. Contact the provider, obtain validation of compliance and upload the document into our PCI portal. You will be required to complete a condensed SAQ (Self-Assessment Questionnaire).
PCI compliance is now a business requirement for any merchant that wishes to accept credit and debit cards, just as health and safety compliance is a requirement for any business that operates a store, office or factory. If you are not able to do so in a secure manner, then ultimately the potential dangers to your business are considerable. Even if you cannot become compliant immediately, you need to show progress on the way to becoming PCI compliant.
It is a matter for other banks and processors how they choose to comply with Association Regulations and Industry Standards. Planet Payment has chosen this method of compliance with our obligations, as we consider this the most efficient and cost effective way to do so.
While not storing credit/debit card information drastically lowers your risk of a data breach, you are still not completely safe. There are many ways hackers can steal credit card information, even if it is not stored. One of the most common ways to steal credit/debit card information is while it is in transit, thus storage is only one aspect of a very complex process.
Merchant is still held liable in the event of a data breach, however, the penalties from the card network will not be as severe and in certain circumstances may be waived if merchant can show full compliance.
Data Breach Insurance transfers risk from the merchant to the insurer in the event that a merchant’s customers’ cardholder data is compromised. Some policies may include coverage of the mandatory forensic audit, credit card replacement costs and expenses, assessments and fines levied by card sponsors, and further some policies may cover breaches caused by employee dishonesty, physical theft of data, as well as computer hacking.
In order to cover the cost of the program including the insurance, Planet Payment will be charging a modest fee to your account. Planet Payment has made efforts to ensure the fee is at an affordable level. It is likely that if you were to engage your own QSA and ASV the fees would be higher.
As part of the relationship that Planet Payment has established with Panoptic Security you can contact them to assist you and answer any PCI related questions you have. They can be reached at 801-783-2322 and select option 1.
For additional information regarding PCI compliance, please visit the official website of the Payment Card Industry Security Standards Council. Also included below are links to the individual card brand association’s security guideline websites.