PCI Compliance with Stripe

To request a copy of our PCI SAQ-A document:

Please email the request to help@donate2.com

As part of our product integration, cardholder data functions are completely outsourced to Stripe. We do not handle, process, transmit or retain any paper or digital reports or receipts with cardholder data. Our integration is an e-commerce merchant (card-not-present), and we do not store, process, or transmit any cardholder data in electronic format on our systems or premises.

We confirm that: 

• We accept only card-not-present (e-commerce) transactions through Stripe; 
• All processing of cardholder data is entirely outsourced to Stripe, a PCI DSS validated third-party service provider; 
• We do not electronically store, process, or transmit any cardholder data on our systems or premises, but relies entirely on Stripe to handle all these functions; 
• We have confirmed that Stripe's handling, storage, processing, and/or transmission of cardholder data are PCI DSS compliant; and 
• There is no cardholder data that we retain 
• All payment elements of the form delivered to the customer's browser are secure and originate from Stripe.

Once you have your Stripe account, you can access your Settings > PCI Compliance

You will be able to generate and download a SAQ A PDF.

This PDF can aid in your overall PCI compliance efforts as an organization.