Stripe will only use your verification data in accordance with the consent you granted before starting the verification process and our Privacy Policy. If a business used Stripe to verify your identity, be sure to review the privacy policy of that business to learn more about their use of your personal data. Don’t forget to reach out to that business if you’d like to delete the data that Stripe is storing on their behalf, as well as any other copies they may have created on their systems.
If you’d like to withdraw your consent, access your information, or disallow Stripe’s use of your submitted identity data, please contact us by emailing privacy@stripe.com.
Don’t forget to reach out to the business that requested your verification if you’d like to delete the data that Stripe is storing on their behalf, as well as any other copies they may have created on their systems.
See answers to more questions about how Stripe Identity works.
1. Reach out to the business that requested your verification if you’d like to delete the data that Stripe is storing on their behalf, as well as any other copies they may have created on their systems. Stripe cannot delete this data itself because Stripe is acting as a data processor when storing the data on behalf of the business that requested your verification.
2. Get in touch with Stripe by emailing privacy@stripe.com to delete data collected and stored during the identity verification process that is used by Stripe as an independent controller.
Upon receiving a verifiable deletion request, Stripe will no longer use your submitted identity data for Stripe’s own purposes. Note, however, that unless the business that requested your verification has deleted it, Stripe will retain copies of your submitted identity data—the images of you and your ID as well as any typed or extracted data and the verification results and insights, as a processor on behalf of the business who requested your verification. Please also note that Stripe may retain your personal data where permitted by law, including to comply with our legal obligations. For example, Stripe may not be able to delete data because of legal retention requirements, such as if your data was used to verify you to meet Stripe’s anti-money laundering requirements. You can read more about our retention practices in our Privacy Policy.
If you gave consent for Stripe to use your biometric information, and would now like to revoke that consent going forward, you can also let us know by emailing privacy@stripe.com.
As a reminder, if you gave only consent for Stripe to verify your identity and for fraud and security purposes, the biometric identifiers used to make the initial verification are fully removed from our systems within one year. If you gave consent to improve Stripe’s verification technology, the biometric identifiers that are occasionally created to improve our systems likewise within one year of creation.
Stripe Identity is built based on expertise we’ve developed from building a global infrastructure that handles hundreds of billions of dollars in payments annually. We use learnings from building a bank-grade infrastructure to help keep verification data safe as well.
We transfer verification data via TLS encrypted connections and use AES-256 encryption at rest. To prevent unauthorized access or use of verification data, we’ve implemented additional access controls to protect your confidential and sensitive information held by Stripe. This will keep the most sensitive data accessible only to those who have reason to access it.
Learn more about the safeguards we've put in place to protect data transfers and control access.
In those instances when Stripe is conducting ID verifications on behalf of the business that requested your verification, you are also granting consent for that business to use and access information captured as part of the verification flow. Specifically the business will have access to: captured images of the ID document, selfies, extracted data from the ID document, keyed-in information, and the verification result. Stripe will not share the biometric identifiers used to verify you.
Owners, admins, and individuals with permission granted by the business that requested your verification have access to your information through the Stripe Dashboard. The business can also access your information through the API with the use of restricted API keys.
As part of the ID verification process, we may send information, including captured images, addresses, and other information provided to Stripe, to third party service providers for review. Stripe may work with third party service providers to check the submitted information against third party owned and managed data sources (such as government-issued databases and others) to help confirm the identity in question. This will only happen in situations where our automated verification technology cannot make a decision with confidence. These third parties are held to the same standards we use for sub-processors.
Learn more about the Stripe entities involved in processing your personal data.
Stripe stores information collected during the verification process on behalf of the business that requested the verification and in some cases on our own behalf as a data controller.
The biometric identifiers created to conduct the verification will be fully removed from our systems within one year.
We will typically store the rest of your submitted identity information for 3 years. This includes all images captured, data captured from your interaction with Stripe (e.g., browser type and IP address), data extracted from your ID document including name, date of birth, and ID number, and any information submitted via forms such as name, date of birth, SSN in the US, email, and phone number, and the verification response.
However, the business who requested your verification or Stripe may have a reason under applicable law to store your data for a longer period. For example, this data may need to be stored for a longer period to comply with anti-money laundering or sanctions laws if it was used to conduct a verification to meet a legal Know Your Customer (KYC) requirement. Please review the privacy policy of the business who used Stripe to verify your identity to learn more about that business’s retention practices.
We also capture common web analytics metadata such as your browser type, operating system, camera type, and IP address—which is sent by your browser to each website you access. Depending on how the business who requested your verification configured Stripe Identity, we may also collect advanced fraud detection signals from your browser. We retain this information to help us prevent fraud, identify bugs and improve our services and may keep it longer as permitted by law and our privacy policy.
Stripe may act as either a data processor or controller for your verification data. A “controller” is the main decision-maker that exercises overall control over the purposes and means of the processing of personal data. A “processor” acts as a service provider on behalf of and upon the instruction of the relevant controller (learn more).
Stripe is a data processor when we use data captured to verify your identity on behalf of the business that requested our services. This means that if you’d like to delete the data we are storing on behalf of the business, you will need to reach out to the business directly and they will need to take action to delete this data from our systems.
When Stripe is verifying your identity to comply with its own legal obligations or using your submitted data for fraud prevention and security purposes, Stripe is acting as a data controller. Stripe is also a data controller of non-biometric data like images of your ID documents, extracted data, web metadata, and in some cases advanced fraud detection signals. We are a data controller of your biometric data as well for fraud and security purposes, and also for improving our biometric verification technology where you’ve provided consent.
Stripe calculates risk for various attributes of an identity verification attempt, including the likelihood that the ID document has been manipulated. Stripe then shares this information, along with a summary of identity fraud detection signals with the businesses that rely on Stripe’s products and services.
We are also processing and storing your verification data in the United States, no matter where you are based or where the business that requested verification is located.
We will only use your data as outlined in our Privacy Policy. This includes situations where we use information collected from you to identify and combat fraud, and authenticate you in other interactions with Stripe or Stripe merchants.
Learn more about the Stripe entities involved in processing your personal data.
Data |
Purpose |
Retention Period |
Biometrics |
Verification, fraud and security purposes |
Up to one year |
Biometrics |
Improve Stripe's biometric technology (where separately agreed to) |
Up to one year |
The Act on Prevention of Transfer of Criminal Proceeds is a law enacted to prevent money laundering and terrorist financing. Among other things, it mandates strict identity verification for specified business operators such as financial institutions. These specified business operators may utilize e-KYC methods to verify individual customers. However, because Stripe’s product does not verify the thickness of the submitted identity document, Stripe Identity does not fully satisfy the requirements for e-KYC under the Act.