About Us

PCI-Secure is a global provider of Advisory, Audit, Forensics, Incident Response and Assurance services. We were formed by a team originally from the roots of major corporate consulting. Becoming disillusioned with the corporate consulting world that was not acting in the best interests of customers or their end consumers we formed PCI-Secure. We knew that we could do better, and have.

Over the last five years we have bolstered our expertise from specialists gained from law enforcement, military services, niche service providers and the best from the big four consulting houses. This led from the same management and investment team has seen sustained growth and the addition of allied services. We are well financed, motivated, hungry for your business and seek to delight in every engagement.

When it comes to security and specialist resources we have real world experience across all market sectors and verticals. We only take on work we know we can complete in line with your requirements and charge for what we do. We support ‘plain English’ and do not hide behind fancy lawyers so engaging with us is easy and simple.

So whether you are a public or private sector organisation, PCI-Secure is able to assist you with all of your objectives. We have specific datasheets on each of our offerings so speak to one of the sales team today.

As an organisation we are proud to hold the following accreditations:

Version 1.5

5th January 2018

1. PCI-Secure Ltd, a limited company registered in England (company number 08782775), PCI-Secure Holdings Ltd, a limited company registered in England (company number 10139423) and PCI-Secure LLP, a Limited Liability Partnership registered in England (partnership number OC322692) collectively “PCI-Secure”. PCI-Secure agrees to provide services under this agreement to {company name}, a {Public/Private} Limited Company registered in England & Wales (registered number {complete} with its registered office at {complete address}, United Kingdom (‘The Purchaser’).

2. The proposal given on or attached to these terms and conditions will only remain valid for a period of thirty (30) days.

3. Pricing is exclusive of VAT and Expenses. Expenses incurred by PCI-Secure will be charged in line with PCI-Secure’s travel policy – a copy of which can be provided upon request. All expenses will be reasonable and will be passed through at cost.

4. Acknowledgment and acceptance of this proposal is made by you placing an order within the specified period above, at which time you will be bound by these terms and conditions. Each proposal accepted shall constitute an individual legally binding contract between you and us. Such contract is hereinafter referred to in these terms and conditions as "an order".

5. No addition, alteration, substitution or waiver of these terms and conditions will be valid unless expressly accepted in writing, by us or a person authorised to sign on our behalf.

6. Nothing in these terms and conditions and proposal shall prejudice any condition or warranty expressed or implied, or any legal remedy to which we may be entitled in relation to the goods / and or the work that is subject of this order.

7. Day rates are charged as one consultant per day and If after our initial assessment any further work is necessary and this causes an increase in costs, we will send you a further proposal giving details of the extra costs and will only proceed with the works once your written acceptance has been received.

8. You will permit us during normal working hours to carry out services defined in the proposal and thereafter to undertake the services according to the program set out in the proposal.

9. Travel time may be charged at the discretion of PCI-Secure.

10. You will obtain all permissions and consents, which are required before any security testing services can commence.

11. You acknowledge that prior to commencement of the services, key staff, third parties, office space, completed pre-engagement questionnaire, security testing authorisation form and other scoping information must be made available.

12. Consulting days are offered on a first come first served basis and are subject to consultant availability. No guarantee of availability can be made until a valid purchase order and/or signed agreement is received.

13. At our discretion, consulting days are subject to the following policy, if cancelled with less than 1-week notice by the customer:

13.1. Over 1-week notice – no charge

13.2. Less than 1-week notice – 100% charge

14. All consulting days ordered will be scheduled, delivered and invoiced within one calendar year of the date of this quotation. All scheduling will be subject to approval by PCI-Secure.

15. All payments shall be made by The Purchaser’ on presentation of invoices unless otherwise stated. We reserve the right to claim statutory interest at 4% above the Bank of England base rate for late payment in accordance with the Late Payment of Commercial Debts (Interest) Act 1998 for any invoices that remain not paid within 14 days of invoice presentation.

16. PCI-Secure reserves the right where work is split over a long-time period, split invoicing may be carried out for work once it’s completed.

17. We represent and warrant that the services shall be rendered using sound, professional practices and in a competent and professional manner by knowledgeable, trained and qualified personnel. No deliverable and/or other materials provided by us or services performed by us, directly or indirectly nor the use thereof by The Purchaser’ will constitute an infringement, misappropriation, or unlawful use or disclosure of any intellectual property rights or other rights of a third party.

18. We will not be liable for any consequential loss or damage caused directly or indirectly by any defect or otherwise howsoever caused.

19. We shall maintain in effect at all times during the term of our engagement with The Purchaser’, at our sole expense, the minimum insurance coverages, including Professional Indemnity cover, to give effect to this agreement, including any insurance policies required by applicable law. We agree to provide details of such insurance coverage to The Purchaser upon reasonable written request.

20. The Purchaser may from time to time during the term of this proposal disclose to us certain non-public, commercially proprietary or sensitive information, whether or not designated as “confidential” or “proprietary” or similar designation, that relates to the past, present or future business activities of The Purchaser or their employees, customers or third party suppliers or contractors, including technical, marketing, financial, employee, planning, and other confidential and proprietary information (“Confidential Information”).

21. We shall comply with, and shall cause each of our personnel to comply with, all of the provisions of any Non-Disclosure Agreements (“NDA”) signed between the parties. We will hold Confidential Information in trust and confidence for The Purchaser and, except as set forth in the NDA or as otherwise may be authorised by The Purchaser in writing, will not disclose such information to any person, firm or enterprise.

22. PCI DSS and PA-DSS Assessment work is subject to review by the PCI Security Standards Council (PCI SSC) as part of their Quality Assurance process, and The Purchaser agree that PCI-Secure may provide the RoC, RoV and any supporting evidence/documents to the PCI SSC upon request. Compliance cannot be guaranteed and this would be a critical violation of any QSA Company to offer this. Therefore, any remedial actions required and subsequent audit requirements are excluded from this proposal.

23. If any part of these terms and conditions are found to be unlawful it shall not affect the validity or enforceability of the remaining clauses. These terms and conditions shall be construed in accordance with the laws of England and shall be subject to the exclusive jurisdiction of the English courts.