PCI-DSS is a security standard for companies and organizations that handle payment information from consumers. Both of Squarespace’s payment processors, Stripe and PayPal, are PCI compliant.
What is PCI-DSS Compliance?
PCI-DSS (Payment Card Industry Data Security Standard) is a framework for developing a robust payment card data security process—including prevention, detection and appropriate reaction to security incidents. To learn more, visit the PCI Council’s website.
Is Squarespace Commerce compliant?
Yes. All of Squarespace's built-in Commerce tools are compliant. Sensitive card data is never handled by Squarespace. It goes directly to the payment processor’s servers; Squarespace doesn’t have access to this information.
Can I do a third-party compliance scan on my site?
Yes. You’re welcome to check our platform’s PCI compliance using third-party scanning services, like Trustwave.
I have other questions about PCI-DSS.
For general PCI-DSS compliance questions, please contact your payment processor.