Your site will still need to undergo PCI compliance, either with a SAQ A or SAQ A EP, depending on how the application sends the data to Paypal.
Per the PCI Council:
SAQ A: All elements of the payment page(s) delivered to the consumer’s browser originate only and directly from a PCI DSS validated third-party service provider(s)
SAQ A-EP: Each element of the payment page(s) delivered to the consumer’s browser originates from either the merchant’s website or a PCI DSS compliant service provider(s)
Overall, the concern is to ensure that the site that is performing the redirect is secure. There is a chance that the site is modified so that the iFrame, direct POST, or other means could be sent to a malicious site.