At PandaDoc, we take data security seriously. To ensure complete protection of sensitive credit card information, we'd like to clarify our approach to handling such data.
Since PandaDoc is not PCI-compliant, we do not store, transmit, or process payment credit card data. All payments are processed by payment gateways.
To securely collect credit card information within PandaDoc, use the Card Details field (new editor) or Billing Details field (classic editor), integrated with Stripe. This field passes card data directly to Stripe — PandaDoc never stores it. You can learn more here.
Warning: Collecting credit card information anywhere other than the Card Details field (new editor) or Billing Details field (classic editor) is prohibited. This includes using text fields or masked fields to collect cardholder name, card number, expiration date, CVV, or card type — even partial card data such as the last four digits. Further information can be found in our Acceptable Use Policy, "Prohibited Data" section.
Already have credit card data stored in text fields? See PCI compliance and credit card collection in PandaDoc for how to identify and remove it.