Tufts University respects the privacy of its students, faculty, staff, alumni, donors and other customers and makes every effort to protect any personal information that it collects from them in conducting business. In conducting E-commerce transactions, such as credit card, debit card or ACH payments, it is necessary to collect personal financial information. We have taken great efforts to execute these transactions in the most secure means possible. By policy, the University does not collect personal information like credit card numbers itself; instead, we partner with an outside service provider that collects the information and executes the transactions on our behalf. The policy also specifies that the provider must be PCI DSS certified, which means that it has demonstrated that its systems and procedures meet the stringent security standards of the payment card industry. The provider is also required to certify in writing that it will keep this information confidential and not share it with any party unless that party needs it to complete the transaction.