Iubenda logo
Start generating


Table of Contents

Stripe and the GDPR – How to be compliant | test

Stripe gdpr.png

What is Stripe?

Stripe is a payment processing platform for businesses. It allows easy acceptance of credit/debit cards, ACH, and digital wallets on websites and apps. Stripe also provides fraud detection and prevention tools, and facilitates subscriptions and recurring payments.

How Stripe describes their service

Stripe is a suite of APIs powering online payment processing and commerce solutions for internet businesses of all sizes. Accept payments and scale faster.

Does Stripe use tracking cookies?

Yes, Stripe may use tracking cookies. Therefore, if European laws like the GDPR apply to you, you will need to collect opt-in consent before running Stripe. If US laws like the CPRA and VCDPA apply to you, you may need to provide your users with a way to opt-out of tracking. See which laws apply to you here.

Do I need a Privacy Policy if I let my users pay or log in with Stripe on my website or app?

Yes, you do. Privacy policies are required under most privacy legislations worldwide including the GDPR, CCPA/CPRA, LGPD and more. The personal data collected are:

  • trackers,
  • usage Data,
  • first name,
  • last name,
  • email address,
  • various types of Data as specified in the privacy policy of the service,
  • billing address,
  • payment info,
  • purchase history.

For more information on how Stripe processes personal data, see their privacy policy or check their main website.

Do I need a Cookie Policy if I use Stripe on my website or app?

Yes, you do.
Stripe may install cookies on your visitors’ devices, as stated in their cookie policy. Therefore, you’ll need a Cookie Policy as well.

Not sure if your website is installing cookies?

🔍 Scan your site now →

Which cookies does Stripe use?

Name of cookie How long it lasts (max age in seconds)

Do I need a Cookie Banner if I use Stripe on my website or app?

In general, websites that use third-party cookies as well as their own cookies for tracking and analytics must comply with the law and therefore are required to obtain the user’s express consent.

If you operate in Europe or could potentially have European users, you need to comply with the GDPR and ePrivacy.

Our Privacy Controls and Cookie Solution complies with provisions of the ePrivacy; it allows you to easily inform users, facilitate their consent and it includes the option to preemptively block any scripts that could install cookies prior to consent (required in many European countries).

→ Discover iubenda Privacy Controls and Cookie Solution
Quickly generate a fully customizable cookie banner, seamlessly collect consent, and implement prior blocking with asynchronous re-activation.

How to Create a GDPR Privacy and Cookie Policy for Stripe

With iubenda, you can easily declare which services your website uses to collect data in the “Handling Payments ” section of our Privacy and Cookie Policy Generator.

💡 Not sure what services to select and add to your privacy policy?
Scan your website using our free Site Scanner to find out right away.

Trusted by over 90,000 clients in 100+ countries, iubenda is the most trusted and easiest way to generate and manage Privacy & Cookie Policies and Terms & Conditions, Consent records and more.

iubenda helps you to comply in minutes with Global laws like the European ePrivacy (Cookie Law), the GDPR and the US’s CPRA, and VCDPA.

Generate your Privacy Documents for Stripe