- Help center
- Knowledge base
- Privacy and security
Protect client card details in Fresha
Protect client card details in Fresha
At Fresha, we prioritize protecting your clients' personal data, including their payment card details, by complying with international regulations known as PCI DSS. This guide will help you understand PCI DSS compliance and the steps you can take to manage sensitive data.
How PCI DSS works
PCI DSS, or Payment Card Industry Data Security Standard, is a set of regulations established by major payment providers such as Visa, Mastercard, American Express, Discover, and JCB. These rules aim to ensure the secure handling of payment card information by companies that accept, process, store, or transmit it.
If you accept card payments (online or in-person), you must always follow PCI DSS rules when handling client payment card details. You’ll be responsible for managing any issues arising from unauthorized access or internal misuse exposing clients' payment card details, as outlined in Fresha's terms and conditions.
Staying PCI DSS compliant
There are 12 requirements under PCI DSS regulations that you must comply with to protect client payment card details and personal data. Here are some helpful measures you can take:
- Take online and in-store payments securely using Fresha’s payment processing which comes with free end-to-end PCI DSS compliance. Offering advanced data encryption methods, regular security audits and vulnerability assessments.
- Remove any client payment card details that have been stored manually within your Fresha account or anywhere else in your business.
- Keep your clients well informed about the steps you take to ensure you’re PCI DCC compliant.
- If you’re not using Fresha payments, contact your payment processing provider to seek advice on how to remain compliant.
FAQs
What should I do if Fresha payments is not available in my region?
Can I store client card details outside of Fresha for backup?
How can I make my clients feel more secure about their data?