Forgive me if the answer to this general question should be obvious. I am setting up a typical donation form using Gravity Forms and WordPress Click & Pledge plugin, which sends transactions to Click & Pledge. Are we technically "processing" the payments on OUR server, or is the processing occurring externally on Click & Pledge's servers? I am curious for security and PCI compliance reasons. We we responsible for certifying our server/software's PCI compliance, or is does this happen only on Click & Pledge's end? And would we qualify, for example, for a host like WP Engine which does not allow "payment card data [to be] stored, hosted, or otherwise processed" on the server?
https://wpengine.com/support/wp-engi...ci-compliance/
https://wpengine.com/support/wp-engi...ci-compliance/
Comment