Privacy Policy
Data Security
Terms of Use

Data Security

Data security is of enormous importance to us, and we take vital steps to safeguard your information. We have partnered with Braintree, a PayPal Company, to accept credit cards safely and securely for our customers.

All API and other online communication between JumpingJack and Braintree is conducted using TLS (Transport Layer Security).

Braintree, a PayPal Company

Braintree's environment meets the highest industry standards and guidelines. The following security specifications are provided by Braintree:

Level 1 PCI compliant

Braintree is a validated Level 1 PCI DSS compliant service provider.

No prohibited data storage

We don't store raw magnetic stripe, card validation code, or PIN block data.

Data encryption via the Braintree Vault

Cardholder data is managed in the Braintree Vault, using multiple encryption keys with split knowledge and dual control. A data thief would not be able to make use of information stolen from a database without also having the key. This data store cannot be connected to via the internet.

Activity monitoring and testing

We review and observe employee, customer, and vendor activity to guard against suspicious or unauthorized activities. We conduct automated vulnerability scans at least quarterly, and at least once a year we have extended penetration testing conducted by outside sources.

Last Revision:  7/21/2017