When Your application demands your clients to enter their info on their unique gadgets, Then you definitely qualify for SAQ A. This enables all organizations—from substantial providers to startups and smaller and medium enterprises, which can not have the requisite security infrastructure and personnel—to remain protected and PCI DSS compliant. https://www.nathanlabsadvisory.com/blog/nathan/effective-gdpr-compliance-solutions-in-the-uae/