Credit Card/PCI Compliance Policy
Credit Card/PCI Compliance Policy
The purpose of this policy is to ensure that the District’s handling of customer credit card information complies with credit card Payment Card Industry (PCI) requirements.
- Under no circumstances will any officer or employee of the District record or save customer credit card information beyond the last 4 digits of the number.
- Under no circumstances will any officer or employee of the District record or save security code information from a customer’s credit card.
- All customer credit card transactions shall be processed via certified PCI credit card processing services.
- Intuit Credit Card Terminal
- Intuit GoPayment Service
- Paya Merchant Account Services
- Any and all customer credit card information will be fully destroyed upon the completion of the current transaction.
- No media in any form will be maintained that contains customer credit card information.
- We will discourage customers from using unsecured email to provide credit card information to us
- Credit card number should never be sent in the same email as the security information.
- If the customer does send the information by email (separately or in the same email) we will destroy the email and any printouts upon completion of the transaction.
- Credit card payments from District clubs will only be accepted via the secure payment link on a District invoice which does not provide credit card information to the District.
Last updated, Oct 15, 2024 by Dean Danner, Treasurer - RID6270