# PCI DSS

<figure><img src="https://1182587842-files.gitbook.io/~/files/v0/b/gitbook-x-prod.appspot.com/o/spaces%2FHyzvhgDL3TrE6D5Hun93%2Fuploads%2FxjvyviRIpVGIow0b5aQ9%2Faivoiceplus_compliance.png?alt=media&#x26;token=29792f68-b839-4760-a259-36ee41e35707" alt=""><figcaption></figcaption></figure>

* *<mark style="color:purple;">**Secure Handling of Payment Data**</mark>*
  * PCI compliance is enabled, which allows for storing recordings in a PCI-compliant cloud storage solution or receiving transcripts through webhooks, ensuring sensitive financial data is handled securely and not retained without proper configuration.&#x20;
* *<mark style="color:purple;">**By default**</mark>*
  * ...we record and store logs and transcriptions for service quality improvement.
* *<mark style="color:purple;">**To ensure privacy**</mark>*
  * ...particularly in sensitive scenarios, it is crucial that we review and adjust the data retention and HIPAA compliance settings for ALL agents, according to your specific custom workflows. No guessing. Just simple secure add-ons.
* *<mark style="color:purple;">**Even with security measures in place**</mark>*
  * ...it is essential to follow best practices for data security, such as educating employees on security awareness and conducting regular audits.&#x20;

{% embed url="<https://stripe.com/guides/pci-compliance>" %}