Bindwise is not in the business of storing or processing payments. All payments made to Bindwise goes through our partner, Braintree (PayPal's company). Details about their security setup and PCI compliance can be found at Braintree's security page.
Let's first explain the payment form that we have on our website.
The input fields of the form are hosted in Braintree (PayPal's company). Even though the form is shown in your Bindwise account it actually lives (is hosted) on Braintree's website. You can easily confirm this by following the next steps:
- Go to https://www.bindwise.com/app/secure/plans
- Click CHECKOUT
- Fill the address form with dummy values just to get to see the payment form
- Then right mouse click on Card number input field -> Inspect
- This will show you the actual code of our website.
- A few lines above you'll see something like <iframe src="https://assets.braintreegateway.com/web/3.52.0/html/hosted-fields-frame.min.html#d8ab822f-85cd-490f-8620-d48a804e444e" which basically says that this particular input field for credit cards belongs to Braintree (PayPal) website
The same goes for the Expiration date. It's Braintree (PayPal) hosted/processed input field.
We also don't store any payment information. It's stored in our Braintree (PayPal) account. Bindwise doesn't have access to your card data because it's fully processed by Braintree (PayPal).
If you have further security concerns feel free to reach out to PayPal (https://www.paypal.com/us/smarthelp/contact-us?email=privacy) or Braintree (email@example.com) support directly and ask them about so-called Drop-in UI security (https://developers.braintreepayments.com/start/drop-in) which we use to show you this payment form.
If you have any questions please don't hesitate to contact us at firstname.lastname@example.org