Stripe moves your personal data internationally, including to the United States, relying on EU-approved legal tools like Standard Contractual Clauses and the EU-US Data Privacy Framework.
Your personal and financial data may be transferred to the United States and other countries with different privacy protections, relying on mechanisms like SCCs and the EU-US Data Privacy Framework that have faced legal challenges and may not guarantee equivalent protection to EU/UK law.
How other platforms handle this
Other Users if you have a business profile. If you have a business profile, we will display a payment link and disclose certain information about you to other Users, including your name or business name, profile picture or logo, and the city associated with your PayPal account, as well as total time...
11 Inferences Conclusions that could be used to create a profile reflecting an individual's preferences, characteristics, psychological trends, predispositions, behavior, attitudes, intelligence, abilities, aptitude. YES. YES
We permit third-party service providers to collect your information, as described here, through some of our services and we share your information with third-party service providers for business purposes as described in this policy, including but not limited to providing advertising on our services ...
International transfers mean your data is processed under legal frameworks that may offer different protections than your home country's laws, and the adequacy of these mechanisms has been subject to legal challenge.
REGULATORY FRAMEWORK: GDPR Chapter V (Arts. 44-49) governs international transfers; SCCs are authorized under Art. 46(2)(c) via European Commission Decision 2021/914. The EU-U.S. Data Privacy Framework was adopted via EC Adequacy Decision of July 10, 2023 (C(2023) 4745). UK GDPR and the UK-US Data Bridge apply for UK transfers. The CJEU's Schrems II judgment (Case C-311/18) requires transfer impact assessments (TIAs) for SCC-based transfers. Irish DPC is the lead EU supervisory authority for Stripe's EU operations.
Compliance intelligence locked
Regulatory citations, enforcement risk, and due diligence action items.
Watcher: regulatory citations. Professional: full compliance memo.
Your genetic data may be transferred to a new owner as a business asset. Here is what the Terms of Service actually say and what you can do right now.