If you’d like to withdraw your consent, access your information, or disallow Stripe’s use of your submitted identity data, please contact us by emailing firstname.lastname@example.org.
Don’t forget to reach out to the business that requested your verification if you’d like to delete the data that Stripe is storing on their behalf, as well as any other copies they may have created on their systems.
See answers to more questions about how Stripe Identity works.
1. Reach out to the business that requested your verification if you’d like to delete the data that Stripe is storing on their behalf, as well as any other copies they may have created on their systems. Stripe cannot delete this data itself because Stripe is acting as a data processor when storing the data on behalf of the business that requested your verification.
If you gave consent for Stripe to use your biometric information to improve our verification technology, and would now like to revoke that consent, you can also let us know by emailing email@example.com.
As a reminder, if you gave only consent for Stripe to verify your identity, the biometric identifiers used to make the initial verification were never stored and were fully removed from our systems within 48 hours. If you gave consent to improve Stripe’s verification technology, the biometric identifiers that are occasionally created to improve our systems likewise are not stored and are removed from our systems within 48 hours of creation.
Stripe Identity is built based on expertise we’ve developed from building a global infrastructure that handles hundreds of billions of dollars in payments annually. We use learnings from building a bank-grade infrastructure to help keep verification data safe as well.
We transfer verification data via TLS encrypted connections and use AES-256 encryption at rest. To prevent unauthorized access or use of verification data, we’ve implemented additional access controls to protect your confidential and sensitive information held by Stripe. This will keep the most sensitive data accessible only to those who have reason to access it.
Learn more about the safeguards we've put in place to protect data transfers and control access.
Since Stripe is conducting ID verifications on behalf of the business that requested your verification, you are also granting consent for that business to use and access information captured as part of the verification flow. Specifically the business will have access to: captured images of the ID document, selfies, extracted data from the ID document, keyed-in information, and the verification result. Stripe does not retain and will not share the biometric identifiers used to verify you.
Owners, admins, and individuals with permission granted by the business that requested your verification have access to your information through the Stripe Dashboard. The business can also access your information through the API with the use of restricted API keys.
As part of the ID verification process, we may send captured images and keyed-in information to third party service providers for review. This will only happen in situations where our automated verification technology cannot make a decision with confidence. These third parties are held to the same standards we use for sub-processors.
Stripe stores information collected during the verification process on behalf of the business that requested the verification and in some cases on our own behalf as a data controller.
The biometric identifiers created to conduct the verification are not stored and will be fully removed from our systems within 48 hours.
We will typically store the rest of your submitted identity information for 3 years. This includes all images captured, extracted data from your ID document including name, date of birth, and ID number, and any information submitted via forms such as name, date of birth, SSN, email, and phone number, and the verification response.
Stripe may act as either a data processor or controller for your verification data. A “controller” is the main decision-maker that exercises overall control over the purposes and means of the processing of personal data. A “processor” acts on behalf of and upon the instruction of the relevant controller (learn more).
Stripe is a data processor when we use data captured to verify your identity on behalf of the business that requested our services. This means that if you’d like to delete the data we are storing on behalf of the business, you will need to reach out to the business directly and they will need to take action to delete this data from our systems.
We are also processing and storing your verification data in the United States, no matter where you are based or where the business that requested verification is located.
Stripe is a data controller of non-biometric data like images of your ID documents, extracted data, web metadata, and in some cases advanced fraud detection signals. If you also gave us permission to use your data to improve Stripe’s verification technology, we are a data controller of your biometric data as well.