Arts Management Systems' data and Customer's data is to be considered sensitive at all times and treated with the utmost care. This is especially true when it comes to data relating to PCI compliance and credit card information. There is also, in general terms, no need to have customer data transferred to our custody, especially with sensitive data in it.

AMS & Customer Data Policy

It is Arts Management Systems policy that Employees:

• At no time will customer data be transferred into our custody without the explicit knowledge and agreement of the customer.
• Do not transmit any database containing encrypted sensitive credit card data outside the customers network and never to AMS premises.
• Try to solve all problems without any data ever having to leave the client’s servers, even if it means loading their production database into a separate test database on their servers for purposes of diagnostics.
• Collect only data required to solve the problem and reproduce it such as order number, patron number, ticket number, cart #, dates, etc.
• Data placed on our servers for Tier II support will be stored in a restricted location until such time as the problem resolution process begins.
• Do not keep any data given to you for diagnostic purposes for longer than is absolutely necessary.
  • On a Mac, this is done by putting the file in the trash and using ‘File->Secure Erase’
  • On a PC, a tool like Eraser is to be use to securely delete.

General

• Arts Management Systems hereinafter called “AMS”.

Revision History

• June 2010
• Aug 2016
• Sep 2019