Is my payment information secure?

Yes. Your payment data is as secure as ordering from Amazon or any major e-commerce platform. We use the same security standards—and we never see your full card details.

How payment security actually works

The honest explanation: We don't handle your payment information ourselves. It goes directly from you to Stripe (our payment partner) in encrypted form. Stripe is PCI-DSS Level 1 certified—the highest security standard in the payment industry.

What this means for you: Your card details never touch our servers. We can't see them, we can't store them, we can't accidentally leak them.

Here's what happens when you pay

1. You enter your card details

On our checkout page (secured with TLS 1.2+ encryption).

2. Data goes straight to Stripe

Your card number is encrypted and sent directly to Stripe's servers—not ours.

3. Stripe processes the payment

They communicate with your bank, verify funds, and complete the transaction.

4. We get a token

Stripe sends us a token (like "tok_1234abcd") that represents your payment—not your actual card details.

5. Confirmation

We use that token to complete your order. You get your workwear, we get paid, everyone's happy.

Security measures we use

PCI-DSS Level 1 Certification

What it is: The highest security standard for payment processing, maintained by major card networks (Visa, Mastercard, etc.).

What it requires:

• Encrypted transmission of cardholder data
• Secure network infrastructure
• Regular security audits
• Access control restrictions
• Monitoring and testing networks

Who has it: Stripe (our payment partner). This is the same certification Amazon, Shopify, and every major e-commerce platform requires.

3D Secure Authentication

What it is: An extra security layer that asks your bank to verify your identity during payment.

How it works:

• After entering card details, your bank may ask for verification
• This could be a code sent to your phone, a fingerprint scan, or a password
• Confirms it's actually you making the purchase (not someone who stole your card)

Why it matters: Reduces fraud and protects you from unauthorized charges.

TLS 1.2+ Encryption

What it is: Transport Layer Security—the technology that encrypts data traveling between your browser and our website.

What it means: Anyone trying to intercept your payment data would see random encrypted gibberish, not your actual card number.

How to verify it: Look for the padlock icon in your browser's address bar. That confirms encryption is active.

Tokenization

What it is: Replacing sensitive data with a non-sensitive equivalent (a token).

How it helps:

• We store tokens, not card details
• If someone hacked our database, they'd find useless tokens—not actual card numbers
• Tokens can only be used by Stripe, not by bad actors

No Full Card Storage

What we DON'T do:

• Store your full card number
• Store your CVV (security code)
• Store your card expiration date in plain text

What we DO store:

• Last 4 digits of your card (for reference: "Ending in 1234")
• Card brand (Visa, Mastercard, etc.)
• Token from Stripe (useless to hackers)

What about invoice payments?

No payment data to store. Invoice payments don't involve card details at all—just bank transfers based on invoices we send.

Bank account info: We never see your bank account details. You transfer money to our account using the IBAN we provide on the invoice. Your bank handles the security.

Are local payment methods secure too?

Yes—same security standards. Whether you pay with iDEAL (Netherlands), Swish (Sweden), or Finnish online banking, Stripe handles those transactions with the same security measures.

Direct bank connections: Many local methods connect directly to your bank—meaning your payment data never even touches a third party.

Credit checks and your data

Soft checks only: When you apply for invoice payment, we use "conditional inquiries" (Konditionsanfrage) that don't affect your credit score.

What data is checked:

• Company registration status
• VAT ID validity
• Payment history (if available in credit bureaus)

What we DON'T check:

• Personal credit scores
• Individual owners' bank accounts
• Private financial information

What if payment data is compromised?

Our responsibility:

• Notify affected users immediately
• Work with authorities to investigate
• Provide guidance on next steps

Your protection:

• Contact your bank to freeze the card
• Most banks offer zero-liability fraud protection (you're not responsible for unauthorized charges)
• 3D Secure authentication reduces risk of unauthorized use

Stripe's security: Stripe processes billions in payments annually and has a dedicated security team monitoring for threats 24/7. If they detect suspicious activity, they block it automatically.

Two-factor authentication for your account

We recommend enabling 2FA for your Droppe account (separate from payment security):

• Adds extra protection to your login
• Requires your password + a code from your phone
• Prevents someone from accessing your account even if they guess your password

Learn more: How do I enable two-factor authentication?

Our philosophy on payment security

Trust is everything. If customers don't trust us with payment information, we don't have a business. That's why we partner with Stripe—they're the industry standard for a reason.

Transparency beats obscurity. We could say "your data is secure" and leave it at that. Instead, we explain how it's secure. You deserve to know.

Zero tolerance for data breaches. We take security seriously. Regular audits, monitoring, and strict access controls are standard—not optional.

Questions about payment security?

Still concerned about card security? Use a local payment method or invoice payment instead.

Want to see our security certifications? Contact us and we'll provide documentation.

Noticed suspicious activity? Alert us immediately so we can investigate.

Related articles:

• What payment methods do you accept?
• Can I pay by invoice?
• Which payment methods are available for my country?

Updated on: 06/11/2025