This document outlines the various standards with which SparkFun is compliant. For information on compliance with laws or legal authorities please see our Guidelines for Law Enforcement.
SparkFun is fully compliant with the Payment Card Industry Data Security Standard (PCI-DSS) version 2.0. This standard covers the secure handling of cardholder data:
Any personally identifiable data associated with a credit card holder. This could be an account number, expiration date, name, address, social security number, etc. All personally identifiable information associated with the cardholder that is stored, processed, or transmitted is also considered cardholder data.
Please do not send any of your cardholder data over email or chat.
SparkFun passes cardholder information through our servers to our payment gateway provided by FirstData. As such SparkFun is required to complete a Self Assessment Questionnaire at level D annually.
SparkFun is also responsible for quarterly automated PCI scans by an approved scanning vendor (ASV). Our current ASV is VikingCloud.
RoHS = Restriction of Hazardous Substance Directive
Where the symbol RoHS appears, the product meets the requirements set by the European RoHS Directive (2011/65/EU) up to and including amendment (EU 2015/863), to the best of our knowledge.
The RoHS Directive aims to prevent the risks posed to human health and the environment related to the management of electronic and electrical waste.
It does this by restricting the use of certain hazardous substances in EEE [electrical and electronic equipment] that can be substituted by safer alternatives. These restricted substances include heavy metals, flame retardants or plasticizers.
The Directive promotes the recyclability of EEE, as EEE and its components that have become waste contain fewer hazardous substances. At the same time, it ensures a level playing field for manufacturers and importers of EEE in the European market.