EmailMeForm is the ONLY Form-Builder
that is 100% PCI Compliant

The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements to ensure all companies that process, store, or transmit credit card information maintain a secure standard.

If you’re collecting sensitive customer information like credit card information to process the payments at a later time on their behalf, then yes.

The PCI DSS applies to ANY organization, regardless of size or number of transactions, that accepts, transmits, or stores any cardholder data.

Yes. All businesses that store, process, or transmit payment cardholder data must be PCI Compliant. But collecting such information over the phone is deemed as one of the most unsecure ways to collect this type of information. EmailMeForm developed PCI Certified Vault where you can store credit card information safely and in the most secure way.

Even if you do not store credit card data, if you accept credit or debit cards then PCI compliance applies to you.

In-scope cards include any debit, credit, and pre-paid cards branded with one of the five-card association/brand logos that participate in the PCI SSC – American Express, Discover, JCB, MasterCard, and Visa International.

Yes. EmailMeForm is PCI-Certified to handle offline credit card transmission and storage, as well as integrating with our reliable payment integration partners like Paypal, Stripe, Braintree, Chargify, and more.

We’re not just PCI Compliant. We’re the only PCI-Certified form builder who can allow users to collect the complete credit card number, CVV code, and expiration date.

No.

PCI Compliance is a self-checked assessment of security measures prescribed by PCI DSS — it only takes about 30-45 days to complete.

PCI Certification takes that same checklist and then submits that assessment to an independent audit conducted by a PCI Qualified Security Assessor (QSA) who’s been selected, trained, and qualified by the PCI body itself.

This is available upon request. Please send us a message here.

EmailMeForm’s independent QSA is TUVRheinland.

Higher level of security and convenience for both you and your client.

Instead of calling them on the phone to get the CVV code, our forms let you collect the complete credit card number, CVV code, and expiration date. We’re the only PCI-Certified Form Builder who can do that.

PCI certified business is necessarily PCI Compliant but certification is not guaranteed the other way around.

As far as we know, yes.

Other form builders can say they’re PCI-Compliant or PCI-Certified, but they don’t allow you to collect the full credit card number and CVV code. They are only certified to process integrated payments with 3rd parties.

We also have an appointed Data Protection Officer (DPO) who handles all our PCI concerns.

Your process of collecting credit card information entrusted using our forms is PCI Compliant and that’s our only scope. Clients are solely responsible for auditing their entire business for PCI compliance.

• Utilize the Vault credit card field for collecting credit card information to ensure that the cardholder data is always encrypted upon collection, transmission between networks, and storage.

• Provide encrypted upload fields when asking users to submit documents like passport details for data privacy protection.

• Use field-level encryption on your form fields to encrypt the collected information before sending it to our EmailMeForm storage.

• Collect electronic signatures via our signature fields for additional security protection.

• Access to our appointed Data Protection Officer (DPO) for your specific PCI requirements.