Sales: (561) 208-6406 ext 110.

  Appsuite Login

REQUEST A DEMO

Credit Card Security Policy

Last Updated: August 6, 2025

At Appsuite, your trust and the security of your payment information are our top priorities. Whether you’re purchasing a gift card, placing an online order, or participating in a loyalty program, we are committed to protecting your credit card data with industry-leading security practices.

1. No Credit Card Storage

Appsuite does not store credit card numbers or sensitive payment data on our servers. Instead, we rely on secure, PCI-compliant payment processors who specialize in handling financial data.

2. Tokenization for Payment Security

To protect your card information during and after transactions, we use tokenization — a security technology that replaces your credit card number with a unique, non-sensitive identifier (a “token”).

  • This token is stored in our securely in our system  and used to facilitate recurring transactions for fast checkouts.
  • These tokens cannot be used outside of our platform or reverse-engineered to obtain your card information.

All tokenized data is encrypted and transmitted using TLS 1.2 or higher, ensuring end to end encryption

3. PCI Compliance

Appsuite and our payment partners adhere to the Payment Card Industry Data Security Standard (PCI DSS), a global standard for securing cardholder data.

  • We only work with Level 1 PCI-compliant payment gateways, the highest level of certification.
  • PCI requirements are embedded in our software development life cycle (SDLC), including secure coding practices and vulnerability scanning.
  • All systems that handle payments undergo regular security audits and vulnerability scans.
  • Our comprehensive information security policies are designed to reflect PCI DSS v4.0 controls, including least privileged access controls, patch management, change controls and logging and monitoring.

4. Secure Transmission and Encryption

All payment data transmitted between your device and our servers is protected using TLS (Transport Layer Security) encryption — the same technology used by banks and financial institutions.

  • All communication is encrypted in transit
  • Sensitive data is never transmitted or processed over unsecured channels.

5. Access Control and Privilege Management

  • Only authorized Appsuite IT staff have access to systems involved in token or transaction handling, and this access is based on role-based access controls (RBAC) and least privilege principles.
  • All access to sensitive systems is logged, monitored, and reviewed 6. Data Retention and Disposal
  • Credit card tokens and associated metadata are only retained as long as contractually or operationally necessary.
  • Data subject to disposal is securely wiped or cryptographically destroyed
  • Backup systems storing payment metadata (not cardholder data) are encrypted and access-controlled.

6. Anti-Virus and Patch Management

  • All Appsuite systems undergo regular patching cycles to ensure protection against vulnerabilities
  • Vulnerability scans are conducted routinely on systems that interface with payment platforms.

7. Firewall Protection and Intrusion Detection

  • Appsuite uses layered security to protect systems that handle payment transactions. All servers are behind network and application firewalls configured to block all traffic by default, only allowing approved traffic. Firewall rules are reviewed regularly and managed under change control.
  • We also run intrusion detection on both the host and network level to catch unauthorized access, unusual behavior, or potential attacks. Alerts are monitored in real time and tied into our logging system. Any suspicious activity triggers investigation under our incident response plan.8. Protecting Your Account
  • While we take every step to protect your data, you also play a role in safeguarding your information:
    • Use strong, unique passwords for your Appsuite account.
    • Do not share your account credentials.
    • Monitor your payment card statements regularly and report any suspicious activity.

8. Questions or Concerns

For questions concerning your online account, the service provided by a participating restaurant, refunds or any other general questions, please contact the participating restaurant.

If you have questions about how your payment data is handled, or if you suspect unauthorized use of your account, please contact us immediately:

Email: security@appsuitecrm.com
Phone: (561) 208-6406
Website: www.appsuitecrm.com