This article details prerequisites for exports of merchant data to a 3rd party. The 3rd party is designated by the merchant.
For the merchant's reference, the client data transfer request form is attached. The form, with option #3 selected, must be completed and returned to email@example.com by the signer of the merchant application. A support ticket will be created automatically and the requester can use it to relay information received from the designated 3rd-party.
From the 3rd-party
1. Legal business name and address.
- An indemnification agreement will be drafted by the Forte/CSG legal department. Thereafter, an e-signature request will be sent from an csgi.com email address to the requested 3rd party contact(s) listed below.
2. Email address of primary signatory responsible for executing an indemnification agreement. As needed, provide emails of other parties that need to be cc-d with respect to indemnification agreements.
- A Word version of the agreement will be provided to propose, if needed, red-line edits.
3. Signed Indemnification agreement, from above. Upon Forte/CSG approval, a countersigned agreement will be returned.
4. Name, email, and phone of 3rd-party contact assigned to the data migration project.
5. Public PGP key
6. Valid Attestation of PCI Compliance (PCI-AOC, or suitable documentation)
7. If data delivery will be completed through email, provide the recipient's email. The recipient's email must be registered to the legal business from requirement #1.
8. If data delivery will be completed through an upload to the 3rd-party's secure FTP server, provide connection details and login information.