Managing your ID verification information

Stripe will only use your verification data in accordance with the consent you granted before starting the verification process and our Privacy Policy. Be sure to review the privacy policy of the business that requested your verifications to learn more about their use of your personal data.

If you’d like to withdraw your consent, access your information, or disallow Stripe’s use of your submitted identity data, please contact us by emailing privacy@stripe.com.

Don’t forget to reach out to the business that requested your verification if you’d like to delete the data that Stripe is storing on their behalf, as well as any other copies they may have created on their systems.

Table of Contents

See answers to more questions about how Stripe Identity works.


How can I delete my submitted identity data?

1. Reach out to the business that requested your verification if you’d like to delete the data that Stripe is storing on their behalf, as well as any other copies they may have created on their systems. Stripe cannot delete this data itself because Stripe is acting as a data processor when storing the data on behalf of the business that requested your verification.

2. Get in touch with Stripe by emailing privacy@stripe.com to delete data collected and stored during the identity verification process that is used by Stripe as an independent controller.

Upon receiving a verifiable deletion request, Stripe will remove Stripe’s permissions to use your submitted identity data for Stripe’s own purposes. Note, however, that unless the business that requested your verification has deleted it, Stripe will retain copies of your submitted identity data—the images of you and your ID as well as any typed or extracted data and the verification results, as a processor on behalf of the business who requested your verification. Please also note that Stripe may retain your personal data where permitted by law, including to comply with our legal obligations. For example, Stripe may not be able to delete data because of legal retention requirements, such as if your data was used to verify you to meet Stripe’s anti-money laundering requirements. You can read more about our retention practices in our Privacy Policy.

If you gave consent for Stripe to use your biometric information to improve our verification technology, and would now like to revoke that consent, you can also let us know by emailing privacy@stripe.com.

As a reminder, if you gave only consent for Stripe to verify your identity, the biometric identifiers used to make the initial verification were never stored and were fully removed from our systems within 48 hours. If you gave consent to improve Stripe’s verification technology, the biometric identifiers that are occasionally created to improve our systems likewise are not stored and are removed from our systems within 48 hours of creation.  


How are you keeping my verification data safe?

Stripe Identity is built based on expertise we’ve developed from building a global infrastructure that handles hundreds of billions of dollars in payments annually. We use learnings from building a bank-grade infrastructure to help keep verification data safe as well.

We transfer verification data via TLS encrypted connections and use AES-256 encryption at rest. To prevent unauthorized access or use of verification data, we’ve implemented additional access controls to protect your confidential and sensitive information held by Stripe. This will keep the most sensitive data accessible only to those who have reason to access it.

Learn more about the safeguards we've put in place to protect data transfers and control access.


Who has access to the verification data captured?

Since Stripe is conducting ID verifications on behalf of the business that requested your verification, you are also granting consent for that business to use and access information captured as part of the verification flow. Specifically the business will have access to: captured images of the ID document, selfies, extracted data from the ID document, keyed-in information, and the verification result. Stripe does not retain and will not share the biometric identifiers used to verify you.

Owners, admins, and individuals with permission granted by the business that requested your verification have access to your information through the Stripe Dashboard. The business can also access your information through the API with the use of restricted API keys.

As part of the ID verification process, we may send captured images and keyed-in information to third party service providers for review. This will only happen in situations where our automated verification technology cannot make a decision with confidence. These third parties are held to the same standards we use for sub-processors.


What information are you collecting?

Stripe stores information collected during the verification process on behalf of the business that requested the verification and in some cases on our own behalf as a data controller.  

The biometric identifiers created to conduct the verification are not stored and will be fully removed from our systems within 48 hours.

We will typically store the rest of your submitted identity information for 3 years. This includes all images captured, extracted data from your ID document including name, date of birth, and ID number, and any information submitted via forms such as name, date of birth, SSN, email, and phone number, and the verification response.

However, the business who requested your verification or Stripe may have a reason under applicable law to store your data for a longer period. For example, this data may need to be stored for a longer period to comply with anti-money laundering or sanctions laws if it was used to conduct a verification to meet a legal Know Your Customer (KYC) requirement. Please review the privacy policy of the business who requested your verification to learn more about their retention practices.

We also capture common web analytics metadata such as your browser type, operating system, camera type, and IP address—which is sent by your browser to each website you access. Depending on how the business who requested your verification configured Stripe Identity, we may also collect advanced fraud detection signals from your browser. We retain this information to help us prevent fraud, identify bugs and improve our services and may keep it longer as permitted by law and our privacy policy.


Is Stripe acting as a data processor or controller?

Stripe may act as either a data processor or controller for your verification data. A “controller” is the main decision-maker that exercises overall control over the purposes and means of the processing of personal data. A “processor” acts on behalf of and upon the instruction of the relevant controller (learn more).

Stripe is a data processor when we use data captured to verify your identity on behalf of the business that requested our services. This means that if you’d like to delete the data we are storing on behalf of the business, you will need to reach out to the business directly and they will need to take action to delete this data from our systems.

We are also processing and storing your verification data in the United States, no matter where you are based or where the business that requested verification is located.

Stripe is a data controller of non-biometric data like images of your ID documents, extracted data, web metadata, and in some cases advanced fraud detection signals. If you also gave us permission to use your data to improve Stripe’s verification technology, we are a data controller of your biometric data as well.

We will only use your data as outlined in our Privacy Policy. This includes situations where we use information collected from you to identify and combat fraud, and authenticate you in other interactions with Stripe or Stripe merchants.