Iubenda logo
Start generating

Documentation

Table of Contents

Stripe (payment processing, OAuth & account access) and the GDPR – How to be compliant

Stripe

What is Stripe?

Stripe is a payment processing platform (similar to PayPal). Stripe OAuth is Stripe’s authorization protocol that uses tokens (rather than sharing password data) to prove identity between consumers and the service provider, and Stripe account access facilitates user registration, login and authentication.

Do I need a Privacy Policy if I let my users pay or log in with Stripe on my website or app?

Yes, you do.

If you use Stripe on your website or app, then add the relevant Stripe service to your privacy policy. The personal data collected are various types of data as specified in their privacy policy.

Do I need a Cookie Policy if I use Stripe on my website or app?

Yes, you do.

Stripe may install cookies on your visitors’ devices, as stated in their cookie policy. Therefore, you’ll need a Cookie Policy as well.

Not sure if your website is installing cookies?
Check out our guide to identify the cookies your site installs in browsers.

→ How to generate a Cookie Policy in 10 seconds

Do I need a Cookie Banner if I use Stripe on my website or app?

In general, websites that use third-party cookies as well as their own cookies for tracking and analytics must comply with the law and to do so are required to obtain the user’s express consent.

If you operate in the EU or could potentially have EU users, you need to comply with the Cookie Law.

Our Cookie Solution complies with provisions of the Cookie Law; it allows you to easily inform users, facilitate their consent and includes the option to preemptively block any scripts that could install cookies prior to consent (required in many EU countries).

→ Discover iubenda Cookie Solution
Quickly generate a fully customizable cookie banner, seamlessly collect consent, and implement prior blocking with asynchronous re-activation.

How to Create a GDPR Privacy and Cookie Policy for Stripe

With iubenda, you can easily declare which services your website uses to collect data. You can find the “Stripe” “Stripe OAuth” and “Stripe account access” services in the Privacy and Cookie Policy Generator.

Not sure what services to select and add to your privacy policy?
Scan your website using the Site Scanner feature of iubenda and get a list of all services used on your website right away.

Trusted by 60.000 clients, iubenda is the easiest and most professional way to generate and manage privacy & cookie policies and terms & conditions, to store and manage user consent, and to comply with the ePrivacy (Cookie Law), the GDPR and the CCPA.