PCI Compliance with Donate2 & Stripe

To request a copy of our Donate2 PCI SAQ-A document:

Please email the request to help@donate2.com

As part of our product integration, Donate2 cardholder data functions are completely outsourced to Stripe. Donate2 does not handle, process, transmit or retain any paper or digital reports or receipts with cardholder data. Donate2 is an e-commerce merchant (card-not-present), and we do not store, process, or transmit any cardholder data in electronic format on our systems or premises.

Donate2 confirms that: 

  • Donate2 accepts only card-not-present (e-commerce) transactions through Stripe; 
  • All processing of cardholder data is entirely outsourced to Stripe, a PCI DSS validated third-party service provider; 
  • Donate2 does not electronically store, process, or transmit any cardholder data on our systems or premises, but relies entirely on Stripe to handle all these functions; 
  • Donate2 has confirmed that Stripe's handling, storage, processing, and/or transmission of cardholder data are PCI DSS compliant; and 
  • These is no cardholder data that Donate2 retains 
  • All payment elements of the Donate2 form delivered to the donor's browser are secure and originate from Stripe.

Once you have your Stripe account, you can access your Settings > PCI Compliance

You will be able to generate and download a SAQ A PDF.

This PDF can aid in your overall PCI compliance efforts as an organization.