Your answer doesn't make sense.
Linked in the information you shared, is this post from security metrics.
https://www.securitymetrics.com/blog/pci-dss-compliance-faq
In that post is the following information.
"Who is required to become PCI compliant?"
"All businesses that process, store, or transmit payment card information are required to comply with the PCI DSS."
So someone who uses Quickbooks online and sends an invoice link for payment under those guidelines are not doing any of those things because...
- QB Servers are transmitting that information.
- QB servers are storing the information.
- QB merchant services is processing transactional information.
There is no where in the processing stack that someone using Quickbooks online and Quickbooks payments with payment links can control how the data is handled and therefor makes zero sense for that business to take on that responsibility.
