Employee PCI Compliance Form

• “PCI” Stands for Payment Credit Card Industry, which includes the Major Card Brands, Associated Banks, and any company or persons who processes credit cards, like You’re Fired, and its employees.

• Our POS System does not collect or store any credit card information whatsoever. It is a cloud based product that we use to collect customer name, email, and phone numbers along with items purchased sales history. It is run on our Studios Apple Mac Computer, which connects through secured Wi-Fi to the Comcast modem (the You’re Fired Wi-Fi network), and then to the Internet through Comcast’s gateway. • Neither the computer, nor any software on the computer, nor our POS Cloud storage ever collects, stores, or uses credit card information. • The Apple Mac computers employ firewalls, and multiple levels of access passwords to the non credit card data that we do store to run the business. Your passwords are to be kept secure.

• The credit card terminals that we use, are PCI compliant. They connect via a hard wire to the Comcast Router. They allow for encrypted collection and transmission of credit card info via swipe, chip, or contactless methods (EMV and NFC) like Apple pay, and Google pay, to our Credit Card Processor. • The customer handles the transaction, eliminating the need for staff to ever touch a credit card. • No Credit card information is stored on this terminal.

• Vantiv is our credit Card processor, and they are the only entity that stores encrypted customer credit card data, on their secured servers. • Lightspeed perform regular monthly PIC compliance testing of our network, computer, and credit card terminals.

• In the rare circumstance that a customer calls in with credit card payment, you are to enter the information directly as they read it to you. Do not write the information down, or even repeat it out loud.

• Through our website, customers can make certain payments (like Gift certificates and Camp Purchases) through our PayPal account. In these instances, PayPal handles the Credit Card Processing, and net payment is deposited directly to our bank. No credit card or payment info is ever shared or passed along to us, other than the amount of the final transaction, and whom it is from.

By signing and submitting this electronic compliance form you are acknowledging that you have read it, and agree to comply where and how required.