
GLOSSARY

GDPR (General Data Protection Regulation)

EU privacy regulation governing personal data processing, rights, and safeguards.

GDPR sets rules for collecting and processing personal data of individuals in the EU/EEA. Key concepts: lawful basis, data minimization, purpose limitation, and data subject rights (access, deletion, portability).

Controllers and processors must implement security (e.g., ISO 27001 controls), handle cross-border transfers, and manage breach notifications. Privacy notices, DPAs, and retention schedules are essential artifacts.


In the product

Where this term matters in operation.

The glossary is not meant to be academic. It explains the language teams use in Kotao while selling, planning, paying, reporting, and automating.

In sales

Terms like this appear inside POS, checkout, bookings, offers, and customer communication.

In back office

Finance, inventory, HR, and reporting need the same meaning so reports do not drift apart.

In integrations

APIs, imports, webhooks, and exports work better when teams use the same definitions.