How do you get around being PCI-Compliance? My site uses Sagepay to accept payments but they get directed to Sagepay so we don't see any card info at all. They're on Sagepays website when all sensitive information is sent. Does that mean we have to be PCI Compliance? Seems like a scam to me. Anyways if anyone knows ways around this or what to do please let me know. I'm currently with Streamline for my merchant number and Natwest for the business bank, we then use Sagepay to process payments.