Princh uses a PCI DSS Level 1 Service Provider, Adyen.
Princh has a global agreement in place with a payment gateway and acquirer to process electronic payments. Therefore, Princh does not have any need to store or process any cardholder- or payment data.
Adyen is the payment provider that owns and operates the payment gateway used by Princh Software to accept and process electronic payments.
Adyen holds the status of a PCI DSS Level 1 Service Provider, with PCI DSS compliance evaluated annually by an independent Qualified Security Assessor (QSA).
Adyen is solely responsible for the security of cardholder data as soon as Adyen receives the data through the relevant payment interface. The data is then contained in a PCI DSS Level 1 Service Provider Cardholder Data Environment.
Princh's responsibility lies in setting up the integration to the payment provider (pay by link or drop-in component) securely and in compliance with the integration documentation and PCI DSS level v.3.2.1 Self-Assessment Questionnaire A. It is important to note that Princh neither processes nor stores cardholder data; this responsibility solely rests with Adyen.
For inquiries regarding our PCI DSS v3.2.1 Self-Assessment Questionnaire A, please contact Princh Support at support@princh.com.