Skip to main content
What is PCI compliance?

Self Assessment Questionnaire (SAQ) for Payment Card Industry Data Security Standards

Angela avatar
Written by Angela
Updated over 5 months ago

๐Ÿ’ณ Schedulicity does not store credit card data. Rather all credit card information is stored via a PCI compliant Payment Processor.

Jump to a section in this article:


What is PCI Compliance?

PCI-DSS Compliance is a credit card industry acronym that stands for Payment Card Industry Data Security Standard. It's important for any business looking to accept, store, and process card payments.

  • The guidelines were created to ensure a level of protection for consumers, businesses, and banks from online fraud and data breaches.

  • All businesses should practice a set of PCI standards as well as host their data securely with a PCI compliant hosting provider. That PCI compliant hosting provider for Schedulicity is our Payment Processor, Adyen

While PCI compliance is not required by law it is required by credit card companies to make online transactions secure and protect against identity theft. Any business that wants to process, store, or transmit credit card data is required to be PCI compliant, according to the PCI Compliance Security Standard Council.

Here are the requirements listed below:

  1. Install and maintain a firewall configuration to protect cardholder data

  2. Do not use vendor-supplied defaults for system passwords and other security parameters

  3. Protect stored cardholder data

  4. Encrypt transmission of cardholder data across open, public networks

  5. Use and regularly update antivirus software

  6. Develop and maintain secure systems and applications

  7. Restrict access to cardholder data by business need-to-know

  8. Assign a unique ID to each person with computer access

  9. Restrict physical access to cardholder data

  10. Track and monitor all access to network resources and cardholder data

  11. Regularly test security systems and processes

  12. Maintain a policy that addresses information security


Why do I need to acknowledge my PCI compliance?

What's a SAQ-A?

  • SAQ stands for "Self Assessment Questionnaire"

  • It's a self-validation tool intended to assist businesses and service providers evaluate their compliance with the Payment Card Industry Data Security Standard

  • SAQs help you report the results of your PCI DSS self-assessment and it's important that you meet all of the standards for a specific SAQ.

Upon approval for our Schedulicity Pay, you pre-fill the SAQ from our partner, review and accept during the application process.


Did this answer your question?