the staff of the payment card scheme and of the processing entity are separately identified via the authentication procedure to access the information management system;

users only have access to information which they are entitled to in compliance with this Regulation. In particular, any sensitive information, as referred to in Article 14, of a processing entity shall not be accessed by the staff of the payment card scheme and any sensitive information of a payment card scheme shall not be accessed by the staff of the processing entity.