Definitely. We do not store any sensitive information on our servers. We use Stripe as our payment processor. All card numbers are encrypted on disk with AES-256. Decryption keys are stored on separate machines. None of Stripe's internal servers and daemons are able to obtain plaintext card numbers.

Stripe has been audited by an independent PCI Qualified Security Assessor (QSA) and is certified as a PCI Level 1 Service Provider. This is the most stringent level of certification available in the payments industry.

Did this answer your question?