About FoxyCart's Security and Compliance

FoxyCart is a PCI Compliant Level 1 Service Provider

FoxyCart is currently a Level 1 Service Provider. This means that our systems are secured at the highest standards of PCI DSS.

You can verify our status at:

What is PCI DSS, and how does it relate to you?

How PCI relates to your store will be determined by your unique set up. By using FoxyCart, we do take on at least some of the compliance requirements as it relates to your online store. For an in depth summary of the different areas of PCI compliance, what level might relate to you, and what to do if someone is telling you that you need to pay to be compliant, check out our overview of what it is, and what it means to you.

Foxy is a member of the EU-US and Swiss-US Privacy Shield Framework

Copy/Paste Text for Your Policies

If you need a blurb for your customer-facing marketing or policies, feel free to use this (if indeed you aren't accepting cardholder data except via FoxyCart):

​Cardholder Data Security Policies:​
In order to minimize the risk of security incidents, we fully outsource all payment processing to FoxyCart.com. FoxyCart is PCI DSS (Payment Card Industry Data Security Standard) Compliant as a Level 1 Service Provider, and is listed on both Visa and MasterCard's global registries. Anytime you submit payment information via our website, you are submitting through FoxyCart's secure infrastructure. If you opt to save your payment information during checkout, that information is stored at FoxyCart. We don't have access to your payment details except for the last 4 digits, the card type, and the expiration date.

Site Tools