Note: While our most popular guides have been translated into Spanish, some guides are only available in English.
PCI-DSS compliance

PCI-DSS compliance is a security standard for companies and organizations that handle payment information from consumers. Both of Squarespace’s payment processors, Stripe and PayPal, are PCI compliant.

What is PCI-DSS Compliance?

PCI-DSS (Payment Card Industry Data Security Standard) is a framework for developing a robust payment card data security process—including prevention, detection and appropriate reaction to security incidents. To learn more, visit the PCI Council’s website.

Is Squarespace Commerce compliant?

Yes. All of Squarespace's built-in Commerce tools are compliant. Sensitive card data is never handled by Squarespace. It goes directly to the payment processor’s servers; Squarespace doesn’t have access to this information.

Can I do a third-party compliance scan on my site?

Yes. You’re welcome to check our platform’s PCI compliance using third-party scanning services, like Trustwave.

I have other questions about PCI-DSS.

For general PCI-DSS compliance questions, please contact your payment processor.

Was this article helpful?
9 out of 15 found this helpful