The PCI-DSS compliance level is different, respective the way you are integrating billwerk in the checkout process:
- When you are using the billwerk generated and hosted self-service signup page or the billwerk payment form (inside an iFrame): SAQ A
- When you are using your own forms and SubscriptionJS for checkout: SAQ A-EP
Very important: billwerk and your system are not allowed to receive, forward or store credit card data! This data is transferred directly from the customer's browser to the configured payment provider. (see also here)
You can find further information regarding PCI-DSS here: https://www.pcisecuritystandards.org/