Stripe · Stripe Privacy Policy

Use of Transaction Data for Fraud Prevention and Machine Learning

Medium severity
Share 𝕏 Share in Share

What it is

Stripe uses your transaction history, device data, and other personal information to train its fraud detection algorithms and other AI/machine learning systems.

Consumer impact (what this means for users)

Your transaction data and device information feed into Stripe's machine learning fraud models, meaning automated systems trained on your behavior may make decisions about whether future transactions — including those of other consumers — are flagged as fraudulent, with limited ability to contest such decisions.

What you can do

⚠️ These actions may provide transparency or partial mitigation but may not fully address the underlying issue. Effectiveness varies by jurisdiction and individual circumstances.
  • Delete Your Data
    Visit Stripe's Privacy Center and submit a data subject request to object to processing of your personal data for machine learning and profiling purposes. Select the right to object or restrict processing when completing the form.

Cross-platform context

See how other platforms handle Use of Transaction Data for Fraud Prevention and Machine Learning and similar clauses.

Compare across platforms →
Need full compliance memos? See Professional →

Why it matters (compliance & risk perspective)

Your personal payment behavior is used as training data for Stripe's commercial AI systems, which may affect how future transactions by you or others are assessed, with limited transparency about how these models operate.

View original clause language
We use Personal Data to detect and prevent fraud, and to develop and improve our fraud detection models and other machine learning systems. This may include using transaction data, device information, and other Personal Data to train and refine our systems.

Institutional analysis (Compliance & legal intelligence)

REGULATORY FRAMEWORK: GDPR Art. 22 restricts automated decision-making with legal or similarly significant effects, requiring either explicit consent (Art. 6(1)(a)), contractual necessity (Art. 6(1)(b)), or specific member state law authorization; affected individuals have the right to human review. GDPR Art. 5(1)(b) purpose limitation requires that use of data for ML training be compatible with the original collection purpose. The EU AI Act (Regulation 2024/1689) classifies certain fraud detection systems as high-risk AI, imposing transparency and conformity assessment obligations. FTC Act Section 5 applies to deceptive AI practices.

🔒

Compliance intelligence locked

Regulatory citations, enforcement risk, and due diligence action items.

Watcher $9.99/mo Professional $149/mo

Watcher: regulatory citations. Professional: full compliance memo.

Applicable agencies

  • FTC
    The FTC has enforcement authority over deceptive or unfair AI and automated decision-making practices under FTC Act Section 5.
    File a complaint →

Provision details

Document information
Document
Stripe Privacy Policy
Entity
Stripe
Document last updated
March 24, 2026
Tracking information
First tracked
April 27, 2026
Last verified
April 27, 2026
Record ID
CA-P-003371
Document ID
CA-D-00106
Evidence Provenance
Source URL
https://stripe.com/privacy
Wayback Machine
View archived versions →
SHA-256
44d69cd19e1ca6f2b31785fb53f7c219f512832c75cd8b17d2cae72b6a1516d6
Verified
✓ Snapshot stored   ✓ Change verified
How to Cite
ConductAtlas Policy Archive
Entity: Stripe | Document: Stripe Privacy Policy | Record: CA-P-003371
Captured: 2026-04-27 12:23:52 UTC | SHA-256: 44d69cd19e1ca6f2…
URL: https://conductatlas.com/platform/stripe/stripe-privacy-policy/use-of-transaction-data-for-fraud-prevention-and-machine-learning/
Accessed: April 29, 2026
Classification
Severity
Medium
Categories
Unknown

Other provisions in this document