Payment Security & Transmission Policy

Effective date: 15 September 2025

Payment processing: All card payments are processed through Stripe. Repattern Studio never stores raw credit/debit card numbers on our servers. Sensitive payment data is transmitted directly to Stripe via secure, encrypted channels.

PCI compliance: By using Stripe as our payment processor, we delegate the majority of PCI DSS responsibilities for card data handling to Stripe. We maintain relevant contractual and technical controls to ensure payment data is transmitted and processed securely.

Access controls: Administrative access to payment-related dashboards is limited to authorized staff only and protected with multifactor authentication (MFA).

Data breach response: In the unlikely event of a security incident affecting customer data, we will notify affected customers and relevant authorities in accordance with applicable law and our incident response procedures.