Your credit card information is encrypted in your browser via https and stays that way when it is sent to us. We do not decrypt your credit card information and we only hold it long enough to forward it – still encrypted – to our processing partner Stripe, a Level 1 PCI service provider. PCI Level 1 is the most stringent level of certification available, which means Stripe's security is tested every three months and audited every year. Stripe keeps your card information safe by encrypting the data using AES-256 — the same key the US government requires for top secret material — and isolating the encrypted card data from Stripe’s web-facing services so that it is inaccessible to bad guys.