PCI Compliance & SubscriptionBridge
Credit cards are not stored by SubscriptionBridge. Isn't it PCI compliant by default?
No. Since it contains a hosted checkout system (regardless of wheter you use it), it is considered a "payment application", and therefore must undergo PCI-DSS validation (any other service that contains a hosted payment page must do the same: don't let other companies mislead you).
Your business and PCI compliance
SubscriptionBridge is not a stand-alone system. On one side, it connects to your business (e.g. your Web site). On the other side, it connects to the payment system that you decided to use for processing recurring payments (e.g. Authorize.Net Automated Recurring Billing). For your entire business to be PCI compliant, you need:
In all cases, you should take the PCI DSS self-assessment questionnaire to find out if there are things you need to do (e.g. change some internal procedures) so that you - as a business - are PCI compliant.