PayPal is committed to protecting the privacy of our users. When you send or request money using PayPal, recipients never see your bank account numbers or credit card numbers. They only see your email address, date of sign-up, and whether or not you have completed PayPal's Verification process.
Once your information reaches the PayPal site, it resides on a server that is heavily guarded both physically and electronically. PayPal servers sit behind an electronic firewall and are not directly connected to the internet, so your private information is available only to authorized computers.
Data storage on WorldPay systems, and the communication between WorldPay and the worldwide banking networks, is regularly audited by the banking authorities to ensure a secure transaction environment. We also ensure that we stay up-to-date with the latest versions of any third-party code we use, and continually review our own proprietary code.
Braintree is a validated Level 1 PCI DSS Compliant Service Provider. We never store raw magnetic stripe, card validation code (CAV2, CID, CVC2, CVV2), or PIN block data. Storage of this data is prohibited by the PCI DSS. All communication between merchants and us is conducted in a secure fashion using TLS (Transport Layer Security).