Compliance & safety · For clients

How your payment information is handled

We do not store your card. Here is what actually happens when you check out.

2-min readUpdated

Your card never touches our servers. Here is how the checkout flow really works.

The handoff

When you type your card into the checkout form, the form fields are hosted by Stripe — not us. Stripe is a payment processor that holds the highest level of card-data security certification (PCI DSS Level 1). Your card details go from your browser straight to Stripe's servers without passing through ours.

What we get back is a token — a string of random characters that represents your card without containing any of its actual digits. We store the token. The token is useless to anyone outside the relationship between us and Stripe.

Saved cards

When you save a card "for next time", what we save is the token. The next time you check out, you click the saved card and we send the token back to Stripe with the new charge. Same security model.

Refunds

Refunds use the same token. We send Stripe the original charge ID and ask for a refund — Stripe routes the money back to your card without us seeing the card.

What if Stripe is breached?

In Stripe's history, the answer has been "the breach affected a different system, not the card vault". The card vault has not been compromised. If it ever were, Stripe would notify everyone immediately and we would do the same.

Apple Pay, Google Pay, Link

Same model. Your wallet sends a token to Stripe. We never see card details.

Why we do it this way

Two reasons. One, your card data is genuinely safer with a specialist than with a small number of engineers at a startup. Two, we do not want the liability of holding card data — being out of PCI scope means we can move faster on everything else.

Was this helpful?
Related articles
Still need help?

Talk to your team — they have your full account context.

Talk to your team →