Squarespace

PCI-DSS compliance is a security standard for companies and organizations that handle payment information from consumers. All of Squarespace’s payment processors, Stripe, PayPal, and Square are PCI compliant.

What is PCI-DSS Compliance?

PCI-DSS (Payment Card Industry Data Security Standard) is a framework for developing a robust payment card data security process—including prevention, detection and appropriate reaction to security incidents. To learn more, visit the PCI Council’s website.

 Is Squarespace Commerce compliant?

Yes. All of Squarespace's built-in Commerce tools are compliant. Sensitive card data is never handled by Squarespace. It goes directly to the payment processor’s servers; Squarespace doesn’t have access to this information.

Stripe

Stripe is a certified PCI Service Provider Level 1. This is the most stringent level of certification available in the payments industry. To accomplish this, they use the best-in-class security tools and practices to maintain a high level of security at Stripe.