My company only uses a website to process credit card payments. Nothing having to do with the credit card payments through that website is on any of my PCs, etc. Do I still have to get my PCI certification?
Anyone that stores, processes or transmits credit cards is subject to some sort of certification with respect to PCI. Your customers' credit card information is being entered into an external website (whether by you or your customers) and as such you as the merchant are ultimately responsible for ensuring the data is being handled safely. Fortunately, PCI has regulations in place that also extend to the companies that run these external websites (Service Providers) and they too must receive certification.
As you complete your PCI-DSS, the Self-Assessment Questionnaire (SAQ) should ask you whether you have validated that the Service Provider you chose is PCI Compliant. With an entirely hosted (SaaS-based) application, that would mean that they would have achieved their PCI-DSS Service Provider Level 1 or Level 2 certification. Level 1 certifications can be verified online with Visa or MasterCard.
Level 2 Service Providers must submit their application through a Level 1 Service Provider to Visa and MasterCard, but should have some confirmation from either the Service Provider or Visa/MasterCard of their Service Level 2 certification and when it expires. As a merchant, your decision to enlist the services of a 3rd party to store, process or transmit your customers' credit card data does not relieve you of the need to ensure that data is being handled pursuant to the PCI-DSS. The SAQ is the means by which the card brands ensure you remain engaged and are actively involved in ensuring the Service Provider receives/maintains their PCI certification.