Case Study: DoNotPay achieves Zero Data PII protection and PCI compliance with Very Good Security

DoNotPay - Customer Case Study

DoNotPay, the automated "robot lawyer" founded by Joshua Browder that helps users fight parking tickets and other consumer rights cases, faced the challenge of collecting and processing large amounts of sensitive PII and payment data while remaining PCI compliant and minimizing liability. To solve this, DoNotPay engaged Very Good Security and adopted their Zero Data approach to remove sensitive data from DoNotPay’s systems and manage PII/PCI securely.

Very Good Security implemented a vaulting/tokenization solution so DoNotPay never stores raw PII or card data, enabling compliance, faster product development, and partnerships with providers like Plaid and Google APIs. The impact includes the ability to launch features (e.g., a price protection app) that otherwise wouldn’t have been feasible, increased credibility with partners, and an estimated cost avoidance of about $250,000 per year versus hiring two full‑time security engineers.

DoNotPay

Joshua Browder

Founder and CEO