PCI Compliance Statement

Nimble AMS PCI Compliance Statement

We take your personal security very seriously. Nimble AMS is developed with the goal of protecting cardholder data in accordance with PCI standards and all information is handled in a PCI Compliant manner.

Nimble AMS stores only the account holder name, last four digits of the PAN PAN (Primary Account Numbers) and expiration date.

Nimble AMS does not under any circumstances store PAN or any other PCI relevant data, including card validation code (CVV, CVV2, CVC2, CID, CAV2, etc.), PIN, or magnetic stripe data.

Additionally, the Salesforce App Cloud®, on which Nimble AMS runs, is PCI DSS Level 1 compliant. (SOC report can be provided if needed)


Nimble AMS introduced BluePay Hosted Forms in Summer 19, which allows credit card information to be handled by Payment Gateway’s hosted forms thus allowing Credit Card information to never touch AMS infrastructure. Once the payment is processed, summary information is sent to Nimble AMS. This summary information does not include PAN or any other PCI relevant data, including card validation code (CVV, CVV2, CVC2, CID, CAV2, etc.), PIN, or magnetic stripe data. 

Related Resources

Salesforce Compliance Page