Stripe will only use your verification data in accordance with the consent you granted before starting the verification process and our Privacy Policy. If a business used Stripe to verify your identity, ensure that you review their privacy policy to learn more about their use of your personal data. Don't forget to contact that business if you'd like the data that Stripe is storing on their behalf to be deleted, as well as any other copies they may have created on their systems.
If you'd like to withdraw your consent, access your information or disallow Stripe's use of your submitted identity data, please contact us by emailing privacy@stripe.com.
Don't forget to contact the business that requested your verification if you'd like the data that Stripe is storing on their behalf to be deleted, as well as any other copies they may have created on their systems.
See answers to more questions about how Stripe Identity works.
1. Contact the business that requested your verification if you'd like the data that Stripe is storing on their behalf to be deleted, as well as any other copies they may have created on their systems. Stripe cannot delete this data itself because it is acting as a data processor when storing the data on behalf of the business that requested your verification.
2. Get in touch with Stripe by emailing privacy@stripe.com to delete data collected and stored during the identity verification process that is used by Stripe as an independent controller.
Upon receiving a verifiable deletion request, Stripe will no longer use your submitted identity data for Stripe's own purposes. Note, however, that unless the business that requested your verification has deleted it, Stripe will retain copies of your submitted identity data – the images of you and your ID, as well as any typed or extracted data and the verification results and insights, as a processor on behalf of the business who requested your verification. Please also note that Stripe may retain your personal data where permitted by law, including to comply with our legal obligations. For example, Stripe may not be able to delete data because of legal retention requirements, such as if your data was used to verify that you meet Stripe's anti-money laundering requirements. You can read more about our retention practices in our Privacy Policy.
If you gave consent for Stripe to use your biometric information but would now like to revoke that consent, you can let us know by emailing privacy@stripe.com.
As a reminder, if you only gave consent for Stripe to verify your identity and for fraud and security purposes, the biometric identifiers used to make the initial verification are fully removed from our systems within one year. If you gave consent to improve Stripe's verification technology, the biometric identifiers that are occasionally created to improve our systems are likewise removed within one year of creation.
Stripe Identity is built on the expertise we've developed from building a global infrastructure that handles hundreds of billions of dollars in payments every year. We use learnings from building a bank-grade infrastructure to help keep verification data safe as well.
We transfer verification data via TLS-encrypted connections and use AES-256 encryption at rest. To prevent unauthorised access or use of verification data, we've implemented additional access controls to protect your confidential and sensitive information held by Stripe. This will ensure that the most sensitive data can only be accessed by those who have reason to access it.
Learn more about the safeguards that we've put in place to protect data transfers and control access.
In instances where Stripe is conducting ID verifications on behalf of the business that requested your verification, you are also granting consent for that business to use and access the information captured as part of the verification flow. More specifically, the business will have access to: captured images of the ID document, selfies, extracted data from the ID document, keyed-in information and the verification result. Stripe will not share the biometric identifiers used to verify you.
Owners, admins and individuals with permission granted by the business that requested your verification can access your information through the Stripe Dashboard. The business can also access your information through the API with the use of restricted API keys.
As part of the ID verification process, we may send information, including captured images, addresses and other information provided to Stripe to third-party service providers for review. Stripe may work with third-party service providers to check the submitted information against third-party owned and managed data sources (such as government-issued databases and others) to help confirm the identity in question. This will only happen in situations where our automated verification technology cannot make a decision with confidence. These third parties are held to the same standards we use for sub-processors.
Learn more about the Stripe entities involved in processing your personal data.
Stripe stores information collected during the verification process on behalf of the business that requested the verification and in some cases on our own behalf as a data controller.
The biometric identifiers created to conduct the verification will be fully removed from our systems within one year.
We will typically store the rest of your submitted identity information for three years. This includes all images captured, data captured from your interaction with Stripe (e.g. browser type and IP address), data extracted from your ID document including name, date of birth and ID number, and any information submitted via forms such as name, date of birth, SSN in the US, email address and phone number, and the verification response.
However, either the business that requested your verification or Stripe may have a reason to store your data for a longer period under applicable law. For example, this data may need to be stored for a longer period to comply with anti-money laundering or sanctions laws if it was used to conduct a verification to meet a legal Know Your Customer (KYC) requirement. Please review the privacy policy of the business that used Stripe to verify your identity to learn more about their retention practices.
We also capture common web analytics metadata such as your browser type, operating system, camera type and IP address, which is sent by your browser to each website you access. Depending on how the business that requested your verification configured Stripe Identity, we may also collect advanced fraud detection signals from your browser. We retain this information to help us prevent fraud, identify bugs and improve our services, and we may retain it for a longer period of time as permitted by law and our Privacy Policy.
Stripe may act either as a data processor or controller for your verification data. A "controller" is the main decision-maker that exercises overall control over the purposes and means of the processing of personal data. A "processor" acts as a service provider on behalf of and upon the instruction of the relevant controller (learn more).
Stripe is a data processor when we use the data that has been captured to verify your identity on behalf of the business that requested our services. This means that if you'd like the data we are storing on behalf of the business to be deleted, you will need to contact the business directly and they will need to take action to delete this data from our systems.
When Stripe is verifying your identity to comply with its own legal obligations or is using your submitted data for fraud prevention and security purposes, it is acting as a data controller. Stripe is also a data controller of non-biometric data such as images of your ID documents, extracted data, web metadata and in some cases advanced fraud detection signals. We are a data controller for your biometric data as well for fraud and security purposes, and also for improving our biometric verification technology in instances where you've provided consent.
Stripe calculates risk for various attributes of an identity verification attempt, including the likelihood that the ID document has been manipulated. Stripe then shares this information, along with a summary of identity fraud detection signals with the businesses that rely on Stripe's products and services.
We also process and store your verification data in the United States, no matter where you are based or where the business that requested verification is located.
We will only use your data as outlined in our Privacy Policy. This includes situations where we use information collected from you to identify and combat fraud, and authenticate you in other interactions with Stripe or Stripe merchants.
Learn more about the Stripe entities involved in processing your personal data.
Data |
Purpose |
Retention period |
Biometrics |
Verification, fraud and security purposes |
Up to one year |
Biometrics |
Improve Stripe's biometric technology (where separately agreed to) |
Up to one year |