Compliance

Ecommerce Website Requirementsanchor

Card brand rules generally require merchants on all platforms (web pages, apps, invoices, or contracts) to have policies that clearly disclose certain business information and cardholder rights to potential customers. The specific policy requirements may vary depending on the location where you operate, the card brands you accept, and your business model.

Braintree requirementsanchor

To help ensure that our merchants maintain the required policies, Braintree performs periodic reviews of our merchants’ websites. You can avoid being flagged by our Risk team by ensuring that the following information is clearly disclosed to your customers:

  • Contact information
  • Pricing
  • Refund or cancellation policies
  • Privacy/personally identifiable information policies
  • Delivery time frame (if you are shipping physical goods)

Contact information requirementsanchor

Any of the following are considered sufficient contact information:

  • A listed email address
  • A listed phone number
  • A physical mailing address
  • 2+ social media accounts

Pricing informationanchor

Pricing should be made clear to customers on your site before they complete a payment with you.

Custom pricinganchor

If your pricing is only available in a custom contract or once an invoice has been drafted, you'll need to ensure that customers agree to pricing and can easily locate your contact information, privacy policy, and a refund/cancellation policy in the contract or invoice.

Members-only pricinganchor

If your pricing and policies are only visible to members on your site, you'll need to make it clear that pricing is available upon login. We also recommend that you make your contact information, refund/cancellation policy, and privacy policy readily available on your site for both members and non-members.

Donation pricinganchor

A donation page with preset donation amounts, as well as custom donation options, is acceptable for non-profit organizations.

Mobile paymentsanchor

If you only accept payments via a mobile app or mobile website, you’ll need to either meet all ecommerce website requirements within your mobile platform, or provide links to the requirements on your full site.

Refund and cancellation policiesanchor

No matter what your refund policy is – even if it is that you don't offer refunds – it must be present on your website. At minimum, your refund/cancellation policy should detail:

  • Whether or not you provide refunds
  • What conditions must be met to be eligible for a refund
  • Whether there are any fees associated with refunds or cancellations

Privacy policyanchor

Your privacy policy can be simple, but it must include the following:

  • What information you collect from your customers
  • What you do with that information

PayPal requirementsanchor

PayPal requires that certain items be present on your website and/or mobile app before you can accept PayPal payments via Braintree. When entering your PayPal credentials in the Braintree Control Panel, you will need to provide links to the following pages on your website:

  • Privacy policy
  • Terms and conditions

Terms and conditionsanchor

This type of agreement typically includes sections that address the following:

  • Disambiguation/definition of key terms and phrases
  • User rights and responsibilities
    • Proper or expected usage; potential misuse
    • Accountability for online actions, behavior, and conduct
    • Privacy policy outlining the use of personal data
    • Payment details such as membership or subscription fees
    • Opt-out policy describing the procedure for account termination (if available)
  • Disclaimer/limitation of liability clarifying the site's legal liability for damages incurred by users
  • Whether users will be notified upon modification of terms

For more information and examples on how to keep your website compliant with card brand rules, check out our blog post.