Yes. If your business accepts payment cards, it must be PCI DSS compliant. Rebilly helps you minimize your compliance burden, by keeping all sensitive cardholder data off of your systems -- in fact, never transmitted through your systems.
If you have cardholder data transmitted through your systems, you need to fill out, what is called the SAQ-D. To do it honestly and properly will take anywhere from 1-6 months, depending on your preparedness. However, since we eliminate all storage and transmission of cardholder data by using either our FramePay or hosted checkout pages, you can fill out a simple SAQ-A in a matter of minutes.
If you have any questions or need assistance with implementing Rebilly, please contact us. You can email us at firstname.lastname@example.org, chat with us or schedule a talk with a billing specialist below.