SECURITY & COMPLIANCE

Last updated: December 8, 2025

Rackz is a read-only analytics platform. We do not process payments and we do not modify your Stripe, PayPal, or Shopify systems.

1. Read-Only Access

Rackz connects to payment providers using secure OAuth connections with read-only permissions.

Rackz does not:

  • store full credit card numbers or CVV data
  • process payments
  • initiate charges, refunds, payouts, or configuration changes
  • act on your behalf in Stripe, PayPal, or Shopify

All sensitive data remains with your payment providers.

2. Data Encryption

We use industry-standard encryption:

  • HTTPS/TLS for all data in transit
  • encrypted storage for system logs and account data

3. Infrastructure and Security Measures

Rackz applies a layered security approach that includes:

  • role-based access control
  • secure cloud infrastructure
  • regular internal reviews and logging
  • monitoring for unusual activity

We do not guarantee that all security risks or vulnerabilities can be prevented.

4. Compliance

Rackz itself is not required to be PCI DSS certified because:

  • Rackz does not process card payments
  • Rackz never stores full cardholder data

Stripe, PayPal, Shopify, and other providers maintain their own PCI compliance.

5. Service Availability

Rackz aims for strong uptime but does not guarantee uninterrupted service or real-time accuracy of third-party data.

Platform outages from Stripe, PayPal, Shopify, or other providers are outside our control.

6. Reporting Security Issues

If you believe you've found a security issue, please contact us:

info@getrackz.com

We will review the report and respond as quickly as we can.