Security & Compliance

▼ Security & Compliance

This page lists information on security and compliance (ISO27001 certification, PCI DSS, information security policy, protection policy for personal information and specific personal information) at GMO Payment Gateway.

ISO27001 certification

GMO-PG is the first listed payment service provider to obtain certification for ISO/IEC 27001:2013 (domestic standard JIS Q 27001:2014), the global standard in information security management, for all of our offices.


GMO-PG services are fully compliant with PCI DSS Ver3.2.1, the global security standard for the credit card industry. PCI DSS is jointly established by the international credit card companies JCB, American Express, Discover, Mastercard, and Visa. This provides safe credit card payment and peace of mind to all our customers.

Information security policy

The Basic Policy for Information Security defines basic policies regarding information security at GMO Payment Gateway, Inc. The Basic Policy is intended to protect information assets (including personal information) of GMO-PG, as well as information of customers and business partners held by the Company.

Protection policy for personal information and specific personal information

GMO-PG views the protection of personal information as the most important aspect of our corporate activities. We recognize the appropriate handling and safe management of information as our most important social responsibility. Therefore, in addition to declaring policies related to the protection of personal information both inside and outside the Company, we will continue to implement policies to educate employees regarding the importance of personal information. Furthermore, we will assign responsibility for protecting personal information to each organization which handles personal information, and will manage personal information appropriately.

Regarding the handling of personal information and specific personal information

In order to realize peace of mind when using services offered by GMO Payment Gateway, Inc., the Company recognizes the need for appropriately handling of personal information and specific personal information provided by our business partners. Therefore, we obey all legal standards for the protection of personal information, specific personal information, etc., and define protection policies.

Financial Instruments Solicitation Policy

The Agency has stipulated the following solicitation policy for financial products based on the Act on Sales, etc. of Financial Instruments.