Compare data sharing governance provisions between Stripe and PayPal. Provisions are extracted from monitored governance documents and classified by severity.
The clause establishes the operational framework for data handling by defining the scope of Stripe's authorized data processing activities and establishing privacy governance through referenced policies. It also allocates responsibility to the user to obtain necessary consents from their own customers for payment data processing.
Consumer impact
Users authorize Stripe to process and share transaction and customer data according to specified terms and policies, and users assume responsibility for obtaining customer consents required for Stripe's payment data processing activities. The extent of data sharing with specific third-party categories is defined by reference to the Privacy Policy rather than enumerated in the agreement itself.
Opt-out available
No opt-out available
Actual clause text
By entering into this Agreement, you authorize Stripe to collect, use, retain, and share information about you and your transactions in accordance with Stripe's Privacy Policy (available at stripe.com/privacy) and any applicable Data Processing Agreement. Stripe may share your data with its affiliates, financial partners, card networks, and as required by applicable law or regulation. You represent and warrant that you have obtained all necessary consents from your customers to permit Stripe to process their payment data as described in the Privacy Policy.
AI-extracted from source document. Verify against original for legal use.
This provision establishes the scope of entities that may receive personal information through PayPal's operations and clarifies that PayPal's privacy obligations do not extend to how merchants and partners subsequently manage shared data. The authorization encompasses both transaction-specific recipients and third-party data brokers, creating separate data governance regimes depending on the recipient category.
Consumer impact
Users' personal information may be shared across multiple categories of third parties as part of PayPal's service delivery and business operations. The terms apply as written upon continued use of the service, meaning users operate under a framework where their information is subject to different privacy policies depending on which entity receives it.
Opt-out available
No opt-out available
Actual clause text
We may disclose Personal Information with the following categories of service providers... Third parties, including service providers, Partners and Merchants, payment partners, such as payment networks and processors, credit reporting agencies and public and private credit databases ("CRAs"), government entities, data brokers, and financial institutions... Please note that once Personal Information is shared with Partners and Merchants (or their service providers) involved in a transaction, the handling of your Personal Information by the Partners and Merchants (or their service provider) is subject to the Partners' and Merchants' own privacy policies and procedures.
AI-extracted from source document. Verify against original for legal use.
PayPal reorganized the table of contents in its Privacy Statement on May 14, 2026. The statement pr…
AI Difference AnalysisProfessional
Stripe's arbitration clause is narrower than Amazon's in one key respect: it includes a small claims court carve-out that Amazon's clause does not. PayPal's clause is the most aggressive of the three, explicitly waiving jury trial rights in addition to class action rights. From a compliance perspective, Amazon presents the lowest risk for B2B contracts while PayPal creates the highest exposure for consumer-facing applications subject to CFPB oversight.