> Over the past few months, our former payment provider Nexi S.p.A. (“Nexi”)
requested access to private data, which we understood to be specifically the
usernames and passwords of our supporters. We have refused this request. All our
attempts to clarify Nexi’s request, or to understand how their need for such
information was necessary and legal, were met with what we consider to be vague
and unsatisfactory explanations relating to a general need for risk analysis. >
> Subsequently, we found ourselves unable to receive credit card donations
through Nexi’s system. In the afternoon of 10 March, we were further informed
that our contract had been cancelled a few days prior on 7 March, due to our
supposed failure to meet their deadline to fulfil their request. This deadline
was not communicated to us beforehand, despite us having been Nexi’s customer
for the past 15 years. This is completely crazy! As 450 supporters are affected,
that is a huge amount of donations that were cut off!
You know how sometimes a story seems so completely crazy, that you wonder what detail has been left out? Like… the payment provider just randomly wanted a list of all passwords? What?
Over the past few months, our former payment provider Nexi S.p.A. (“Nexi”) requested access to private data, which we understood to be specifically the usernames and passwords of our supporters. We have refused this request. All our attempts to clarify Nexi’s request, or to understand how their need for such information was necessary and legal, were met with what we consider to be vague and unsatisfactory explanations relating to a general need for risk analysis.
Agree, there’s no way this is the whole story. Someone is hiding something. If that isn’t the FSFE then I’m guessing that the payment processor set the whole thing up as a flimsy reason for kicking them out with a “justified” cause. As to why, who knows.
I think that was an exaggeration. They likely “just” wanted their account names and PII. It was simply not clear, and they never clarified it, which is absurd. Probably because it is illegal to ask, but if they get data willingly, they are out of trouble?
You know how sometimes a story seems so completely crazy, that you wonder what detail has been left out? Like… the payment provider just randomly wanted a list of all passwords? What?
Holy shit you weren’t kidding
Agree, there’s no way this is the whole story. Someone is hiding something. If that isn’t the FSFE then I’m guessing that the payment processor set the whole thing up as a flimsy reason for kicking them out with a “justified” cause. As to why, who knows.
I think that was an exaggeration. They likely “just” wanted their account names and PII. It was simply not clear, and they never clarified it, which is absurd. Probably because it is illegal to ask, but if they get data willingly, they are out of trouble?