We’ve Got You Covered! Gladly’s Now PCI Compliant

Gladly Team

Read Time

4 minute read

Ready to see what radically personal customer service looks like? Sign up for a free demo with Gladly today.

According to a recent PwC survey, 87% of consumers say they will take their business elsewhere if they feel a company isn’t handling their data responsibly. That’s an incredibly impactful statistic for the modern contact center today which deals with an immense volume of sensitive customer data on a daily basis. And it also underscores the importance of having a customer service software that handles that information, whether it’s sent over phone, email, chat, or social media, in a secure, reliable manner.

At Gladly, we put a lot of time, effort, and thought towards the security and integrity of our platform. Because we believe it not only gives our customers peace of mind, but it’s important for their customers as well to feel that their important, sensitive information is kept safe and secure.

That’s why we are so pleased to announce that Gladly is now officially PCI compliant. Gladly’s journey towards PCI compliance is but one of the steps we’re taking as part of our overall commitment to providing the highest standard of service to our enterprise customers.

What does Gladly’s PCI compliance mean for you?

Well, if you’re a company that accepts credit card payments from customers, and you store, process, or transfer that information, you’re legally required to have safeguards in place (as mandated by the PCI Security Standards Council) to keep that information secure.

And that requirement extends to the third-party platforms and services that you use to help your customers as well, even if the primary purpose isn’t to process or store credit card information.  If there’s any possibility that such information may be exchanged over the platform or service, it must be PCI compliant.

Here are a few ways that we safeguard sensitive customer information in Gladly:


  • Automatic credit card redaction: Any credit card information provided by a customer over email, SMS, live chat or Facebook Messenger is automatically redacted to just the last four digits, before the information ever reaches our systems.
  • Pause and delete call recordings: If a customer needs to share sensitive information during a voice call (e.g. credit card or social security numbers) agents can pause the call recording so that information doesn’t get stored on our systems. And when they’re accidentally shared, that recording can just be deleted altogether.
  • Encryption of, and restricted access to, customer information: All communications within Gladly are secured with industry-standard HTTPS, and all stored data is encrypted to ensure customer information is protected end-to-end. Companies can also restrict access to customer information to a strictly need-to-know basis.


  • Secure systems and applications: We regularly monitor and update our systems to reduce potential vulnerabilities, including bi-annual penetration testing, monthly security scanning, and regular internal compliance audits.
  • Annual third-party audits: Our security processes are audited annually by external auditors to ensure we maintain high standards when it comes to protecting customer information.
  • Automatic security key rotation: Beyond simply encrypting sensitive data, encryption keys are regularly rotated, on an automated basis, to ensure that user data is properly secured.
  • Compliant data retention policies: Gladly maintains strict data retention policies to ensure that customer data is stored only when absolutely required.


  • Regular security training:  All employees undergo mandatory security best practices training on joining Gladly, with regular, recurring updates.
  • Security and Compliance: Our Security and Compliance team is focused on ensuring the strict enforcement of our standards and policies.
  • Security-first culture: We’ve prioritized a security-first culture at Gladly, because simply having secure policies is not enough — it’s on the people to not only execute on those policies, but consider security in every action they take. Security is integrated into our everyday processes (from how we hire, to how we handle visitors at Gladly) as well as every feature we build (all the way from its initial planning, through its life cycle).

Gladly’s PCI compliance is a testament to the high standards that we set for ourselves, and we look forward to not only maintaining, but always improving on how we make our platform more secure.

If you’d like to see how Gladly helps deliver a modern customer experience securely,  reach out to us at hello@gladly.com.

Shun Chen is the VP of Product at Gladly where he helps drive the roadmap and direction for the platform. Gladly is a customer service platform that focuses on people at the heart of it, not tickets or cases. Built for the 21st-century consumer, Gladly enables companies to converse seamlessly in a lifetime of conversations across voice, email, messaging, chat and social media. Agents are empowered, customers feel known, and companies increase love, loyalty and lifetime value through empathetic conversations. Click here to learn more about what we do and how we do it.