Show Compliance menu

Information Security Policy

XPO Events Ltd and XPO Events Pty Ltd (ABN 67 619 329 323) (XPO Events) has taken every possible measure to give you absolute security to ensure that you can purchase online with complete confidence. Our website has a secure transaction environment for commerce on the Internet provided by Payment Express, a global leader in payment technology. Below is the Privacy and Information Security Policy which both Payment Express and its licensor XPO Events follows.

Payment Express and its licensor XPO Events - Information Security Policy


Payment Express and its licensors XPO Events are committed to protecting your privacy as an Internet user whenever you buy goods or services from a Merchant which uses Payment Express. XPO Events will generally be using Payment Express when the cardholder is using a credit or debit card over the Internet, Phone, Fax, Unattended or Integrated EFTPOS system. Payment Express recognizes its responsibility to keep confidential at all times any information which Payment Express acquires in connection with such a transaction, whether directly from the Cardholders or Merchant. Payment Express protects personal information (at a minimum) to the Payment Card Industry Data Security Standards. Please note however; Payment Express responsibility is limited to protection by Payment Express of information which Payment Express obtains. Payment Express itself cannot, of course, control the use or disclosure by XPO Events of any information which they obtain from you. To give you comfort around XPO Events Privacy Policy please click here.

Collection of Information

To enable Payment Express to provide secure payment facilities it will typically acquire information which may include the Cardholder's name, credit card number (with the expiry date) and billing address.

Use and Disclosure of Information

Payment Express uses the information to obtain authorization of the transaction from the Issuing bank of the credit card and Payment Express' own or the Merchant's bank and to process the payment. Some details from the transaction (such as name, email and delivery address) may be made available to XPO Events through Payline - Payment Express web based transactions management system, which allows XPO Events to track transactions and process refunds.


Payment Express is committed to data security. Payment Express uses a variety of technologies and procedures to help protect personal information from unauthorized access, use or disclosure. For example, Payment Express stores the data in computer servers with limited access that are located in controlled facilities secured by the latest in surveillance and security technology. When Payment Express transmits sensitive information (such as a credit card numbers), Payment Express protects it through the use of encryption, such as the Secure Socket Layer (SSL) protocol. Credit card details stored onsite are encrypted using 168bit 3DES encryption. Payment Express is a level 1 certified PCI-DSS compliant provider:


PCI DSS, the Payment Card Industry Data Security Standard is a set of security requirements relating to the protection of card holder data. The standard is governed by the PCI Security Standards Council, an organisation put together by most of the major card schemes VISA, MasterCard, American Express, JCB and Discover. It's relevant for any entity that stores or transmits sensitive card holder data, that being generally things like the PAN (card number), Card security code, track data, PIN block. Preceding PCI-DSS the card schemes had their own standards, the VISA Account Information Security (AIS) standard formed the basis to most of the PCI-DSS requirements." Click here to view the Payment Express PCI DSS compliance certificate.