.

We are PCI compliant while following:

1. Only process credit cards using a PCI Compliant Service Provider or PCI Approved Software (Stripe).

2. Never store the card security code (the three digit number on the back of Visa/MasterCard/Discover cards, or the four digit number on the front of American Express cards).

3. Never, ever store the magnetic track data from any card.

4. Encrypt ANY electronic storage of full credit and debit card numbers.

5. We do not keep paper documents containing a full credit card number in a secure location (locked file drawer/safe) when not in use.

6. Allow only employees with a business need to have access to credit card numbers.

7. Never share user IDs and passwords or the use of group user accounts.

8. We use strong passwords for all system access.

9. Immediately disable access for all terminated employees.

10. Secure and regularly examine all POS swipe devices for signs of tampering.

11. Secure all our business computers by installing and activating personal firewalls and anti-virus/anti-malware software and disabling all generic or default user accounts and passwords.

12. Create a security policy for our business that addresses all aspects of the PCI DSS