Help Center
Is Eventbrite PCI compliant?
The Payment Card Industry Data Security Standard (PCI DSS) is a set of requirements designed to ensure that all companies that process, store, or transmit credit card information maintain a secure environment. Eventbrite complies with PCI-DSS 3.2.1 Level 1 as both a Merchant and a Service Provider. To learn more about PCI compliance, review the PCI Compliance Guide. Also, check out the Eventbrite Security & Safety Guide for more information.
We do not fill out privacy or security questionnaires upon request. All information regarding compliance can be found via the links below and in our various Legal Terms.
We are registered with both Visa and MasterCard as a PCI-compliant Service Provider.
We are regularly audited by a Qualified Security Assessor (Coalfire, Inc.).
We pass internal and external application and network penetration testing performed by independent security firms.
We are scanned at least monthly.
Our PCI Attestation of Compliance (AOC) and Quarterly Scan Attestation of Compliance are both available to download here.
Eventbrite employs a cross-functional team responsible for oversight of PCI Compliance.
NOTE: Eventbrite maintains a comprehensive privacy program, and we have a full-time legal and security team focused solely on protecting the privacy and security of our users. To learn more, take a look at the Security & Safety Guide and Privacy Policy.