The policy discloses that Stripe shares data with advertising and analytics partners, which may include behavioral and device data collected from users interacting with Stripe-powered pages.
This analysis describes what Stripe's agreement states, permits, or reserves. It does not constitute a legal determination about enforceability. Regulatory applicability and practical outcomes may vary by jurisdiction, enforcement context, and individual circumstances. Read our methodology
Sharing behavioral and device data with advertising and analytics partners may constitute a sale or sharing of personal data under CCPA, triggering opt-out rights for California residents, and may require a legal basis under GDPR separate from the performance of a contract.
Interpretive note: The specific advertising and analytics partners, the categories of data shared with each, and the available opt-out mechanisms are not detailed in the policy text provided and are referenced to supplemental documents including the Cookies Policy and Privacy Center.
Stripe's policy authorizes sharing of data including device identifiers and behavioral information with advertising and analytics partners, which California residents may have the right to opt out of under CCPA as a sale or sharing of personal information.
How other platforms handle this
We may share your information with third-party advertising partners to provide you with targeted advertising. We also work with third-party analytics providers who help us understand how users interact with our Services. These third parties may use cookies, web beacons, and similar tracking technolo...
We work with third-party advertising partners to market our Products, and we share personal data with advertising networks and social media companies to serve ads. We also use analytics providers to help us understand how users interact with our Products.
We may share your personal information with third-party vendors and service providers that perform services on our behalf, such as payment processing, data analysis, email delivery, hosting services, customer service, and marketing assistance. We may also share your personal information with busines...
Monitoring
Stripe has changed this document before.
Receive same-day alerts, structured change summaries, and monitoring for up to 10 platforms.
"This Privacy Policy describes the Personal Data that we collect, how we use and share it, and how you can reach us with privacy-related inquiries.— Excerpt from Stripe's Stripe Privacy Policy
(1) REGULATORY LANDSCAPE: Advertising and analytics data sharing engages CCPA and CPRA opt-out rights (sale and sharing of personal information), GDPR legitimate interests and consent requirements for behavioral advertising, and the ePrivacy Directive for cookie-based tracking in the EU. The California Privacy Protection Agency and FTC are relevant authorities. Stripe's Cookies Policy (linked in navigation) provides additional disclosure. (2) GOVERNANCE EXPOSURE: Medium. Sharing device and behavioral data with advertising partners may qualify as a sale or sharing of personal information under CCPA, requiring Stripe to honor opt-out requests and provide a Do Not Sell or Share link. GDPR requires a valid lawful basis (typically consent or legitimate interests with a balancing test) for behavioral advertising processing. (3) JURISDICTION FLAGS: California residents have the most direct rights exposure under CCPA and CPRA. EU/EEA users are protected by GDPR and ePrivacy rules requiring consent for most behavioral advertising. UK users are subject to UK GDPR and the UK equivalent of ePrivacy rules. (4) CONTRACT AND VENDOR IMPLICATIONS: Business Users integrating Stripe's payment tools should assess whether Stripe's advertising and analytics data sharing on their checkout pages creates obligations for the Business User's own privacy disclosures and consent mechanisms. Revenue-sharing or data-sharing arrangements with analytics vendors should be reviewed for CCPA service provider qualification. (5) COMPLIANCE CONSIDERATIONS: Compliance teams should review Stripe's Cookies Policy for the specific advertising and analytics partners receiving data, confirm that opt-out mechanisms function correctly for California users, and assess whether consent mechanisms for EU users on Stripe-hosted pages are adequate under GDPR and ePrivacy standards.
Full compliance analysis
Regulatory citations, enforcement risk, and due diligence action items.
Free: track 1 platform + weekly digest. Watcher: 10 platforms + same-day alerts. No credit card required.
ConductAtlas detected a major restructuring of Meta’s privacy policy that removed detailed consumer rights disclosures and relocated them to separate documents.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.
Professional Governance Intelligence
Need to monitor specific governance provisions?
Professional includes provision-level monitoring, governance timelines, regulatory mapping, and audit-ready analysis.
Built from archived source documents, structured governance mappings, and historical version tracking.
Sharing behavioral and device data with advertising and analytics partners may constitute a sale or sharing of personal data under CCPA, triggering opt-out rights for California residents, and may require a legal basis under GDPR separate from the performance of a contract.
Stripe's policy authorizes sharing of data including device identifiers and behavioral information with advertising and analytics partners, which California residents may have the right to opt out of under CCPA as a sale or sharing of personal information.
No. ConductAtlas is an independent monitoring service. We are not affiliated with, endorsed by, or sponsored by Stripe.