PRIVACY STATEMENT:
Pennsylvania Playhouse respects your privacy. You may opt out of all mailings and emailings. We store your personal information on a secure server, and we will not trade, sell, or otherwise share your personal information (name, address, phone number, or email) with any other party. We do not record your credit card number after a sale is complete.

 

 

SECURITY STATEMENT:
The Pennsylvania Playhouse utilizes Ticket Turtle for online credit card purchases.  All transactions are in U.S. Dollars.

Ticket Turtle is 100% PCI compliant to credit card processing and storage regulations.

Self-assessments and vulnerability scans are run every 90 days per PCI compliance standards:

Network devices certified as HACKER SAFE are tested daily and certified to pass all external vulnerability audit recommendations of the Department of Homeland Security's National Infrastructure Protection Center (NIPC) and the requirements of the Payment Card Industry Data Security Standard (PCI-DSS). HACKER SAFE certification also meets the requirements for network vulnerability audits of the CHILDREN'S ONLINE PRIVACY PROTECTION ACT OF 1998, the HEALTH INSURANCE PORTABILITY AND ACCOUNTABILITY ACT OF 1996 (HIPAA), the GRAMM-LEACH-BAILEY ACT (GLBA) protecting financial information, and the SARBANES-OXLEY ACT (SOX).

PCI COMPLIANCE - Signifies device is compliant with the remote vulnerability audit requirements of the Payment Card Industry Data Security Standard (PCI-DSS), Visa USA's Cardholder Information Security Program (CISP), Visa International's Account Information Security (AIS) program, MasterCard International's Site Data Protection (SDP) program, the American Express Data Security Standards (DSS), and Discover Card's DISC program.

Ticket Turtle systems are scanned by vendor McAfee, under certificate number 3709-01-01 in the framework of the PCI data security initiative and took into consideration security requirements as expressed in the MasterCard SDP Security Standard.

As a Qualified Independent Scan Vendor, McAfee is accredited by Visa, MasterCard, American Express, Discover Card and JCB to perform network security audits conforming to the Payment Card Industry (PCI) Data Security Standards.

To earn validation of PCI compliance, network devices being audited must pass tests that probe all of the known methods hackers use to access private information, in addition to vulnerabilities that would allow malicious software (i.e. viruses and worms) to gain access to or disrupt the network devices being tested.

Sites are tested and certified daily to meet all U.S. Government requirements for remote vulnerability testing as set forth by the National Infrastructure Protection Center (NIPC). They are also certified to meet the security scanning requirements of Visa USA's Cardholder Information Security Program (CISP), Visa International's Account Information Security (AIS) program, MasterCard Internationals's Site Data Protection (SDP) program, American Express' CID security program, the Discover Card Information Security and Compliance (DISC) program within the framework of the Payment Card Industry (PCI) Data Security Standard.