Baseten uses third-party payment processors to handle payment card transactions and states it does not store your payment card information directly; your payment data is governed by the payment processor's own privacy policy.
This analysis describes what Baseten's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
The policy states that Baseten does not store payment card data directly, which limits Baseten's liability for payment card data breaches, but also means users must review the payment processor's separate privacy policy to understand how their financial data is handled.
Your payment card information is processed by a third-party payment processor, not stored by Baseten directly; the terms governing your payment data are set by the processor's own privacy policy, not this document.
How other platforms handle this
At Ledger, earning and maintaining our users' trust is a top priority. That's why we are deeply committed not only to protecting your privacy and securing your personal data, but also to being fully transparent about how we handle it.
If you are located in the European Economic Area, Switzerland, or the United Kingdom, you have the right to access, correct, or erase your personal data; the right to restrict or object to our processing of your personal data; the right to data portability; and, where our processing is based on your...
We use information to enhance the quality, reliability, and/or accuracy of our AI Features by creating, developing, training, testing, improving, and maintaining AI and ML models run by Strava or our service providers. We use aggregated, de-identified data for this purpose. We also use personal info...
Monitoring
Baseten has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 25 platforms.
"We may provide paid products and/or services within the Service. In that case, we may use third-party services for payment processing (e.g. payment processors). We will not store or collect Your payment card information. That information is provided directly to Our third-party payment processors whose use of Your personal information is governed by their Privacy Policy.— Excerpt from Baseten's Baseten Privacy Policy
(1) REGULATORY LANDSCAPE: Payment card data processing engages PCI DSS standards for card data security, which apply to merchants and their payment processors. The FTC Act applies to representations about data security practices. If the payment processor is a covered entity or business associate under financial privacy regulations, additional obligations may apply. (2) GOVERNANCE EXPOSURE: Low. The policy's statement that Baseten does not store payment card information and delegates this processing to third-party processors is consistent with common industry practice and limits direct PCI DSS scope for Baseten. However, the policy does not name the specific payment processors, which may affect the adequacy of disclosure under CCPA. (3) JURISDICTION FLAGS: California residents may request disclosure of which third-party payment processors receive their personal information under CCPA. EU/EEA users may require identification of payment processors as data processors or controllers under GDPR. (4) CONTRACT AND VENDOR IMPLICATIONS: Procurement teams should confirm that data processing agreements are in place with all payment processors and that those processors maintain PCI DSS compliance. The policy's statement that the processor's own privacy policy governs means users have limited visibility into downstream payment data handling without reviewing each processor's policy separately. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should verify that the payment processors used are named in the Detailed Information section and that applicable data processing agreements include required security and confidentiality terms.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Monitor: 25 platforms + same-day alerts. No credit card required.
Ad personalization controls removed. Contact scanning added. Advertiser data partnerships quietly dropped. A timeline of every change.
Compliance Governance Intelligence
Need to monitor specific governance provisions?
Compliance includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
The policy states that Baseten does not store payment card data directly, which limits Baseten's liability for payment card data breaches, but also means users must review the payment processor's separate privacy policy to understand how their financial data is handled.
Your payment card information is processed by a third-party payment processor, not stored by Baseten directly; the terms governing your payment data are set by the processor's own privacy policy, not this document.
ConductAtlas has identified this type of provision across 1 platforms. See the full comparison.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Baseten.