Privacy with Stripe
Transcend automatically fulfills privacy requests in Stripe and other major data systems.
Stripe enables businesses to accept and manage online payments.
Transcend can access financial profile information including credit/debit cards on file, charge history, payments, invoices, subscriptions, and payment profile information.
Looking to comply with GDPR and CCPA data subject access and erasure requests (DSRs)?
Deleting data in Stripe
Transcend allows you to programmatically access or delete user data in the Stripe platform in accordance with data privacy regulations like GDPR and CCPA.
Overview of data actions
Access Requests Transcend will retrieve all details associated with the data subject's email, including profile information, payment methods, credit/debit card information, charge history, payments invoices, invoice items, orders, and payments subscriptions.
Erasure Requests Transcend will delete all Customer data associated with the data subject's email, including ID, address, description, name, phone, shipping address and any metadata. NOTE: While these user identifiers are deleted, the customer object and associated transaction information are preserved per Stripe’s recommended workflow.
Setting up the Stripe integration
To get started, make sure you're logged in to Transcend. If not, log in to Transcend here. To configure the Stripe integration, you'll want to:
- Navigate to Data Map > Add data silo > Stripe.
- Log in to Stripe as a user with administrative privileges. Navigate to Developers > API Keys and click "Create Restricted Key". Provision access as outlined here. When done, click "Save Key". Click "Reveal live key token" from the Developers > API Key menu. Paste this key into Transcend to connect the integration.
- Success! Once connected, navigate to the Privacy Center tab. You'll need to map the data in Stripe to your Data Practices. To do this, create a new Category as well as a new Data Collection with the appropriate naming convention (e.g. "Lead Data" or "Analytics Data"). When you're done, hit publish.
- Navigate back to your Data Map and click into the Stripe data silo. Expand "Manage Datapoints" and select the Collection Label (Category) you created in the previous step from the dropdown. You can also choose which data actions (e.g. access or erasure) are enabled for which datapoints.
- Next, while still in the Stripe data silo, expand "Manage Identifiers". Check the respective boxes for which identifiers you'd like enabled. As an example, if you'd like Transcend to search users by email address, you'd check the box to enable the Email Address identifier. Note: if identifiers are not enabled correctly, we may not be able to process requests for certain users.
We recommend testing requests across your Data Map before you start processing requests from end-users. To do this:
- Go to Privacy Center and click "View your Privacy Center".
- From your Privacy Center, click Take Control, then Download my data. You'll need to enter your email or login to authenticate yourself before submitting the request.
- Check your email for a message from Transcend. You'll be asked to click on a verification link to verify the request. Confirm your download request.
- Next, back in the Admin Dashboard, navigate to the Incoming Requests tab and select your request. If you don't see the request here, contact us at firstname.lastname@example.org.
- Once you've clicked into your request, navigate to the Data Silos tab and select Stripe. Inspect the data returned.
- Finally, navigate to the Report tab and click Approve and Send. You should receive the report at the email address you submitted with the request.
Removing the Stripe integration
To remove the Marketo data silo from your Data Map, navigate to your Data Map, and click into Stripe. At the bottom of the screen, expand "Remove Stripe". Click Remove Silo. You'll be prompted to confirm that you'd like to remove the silo, click Ok. Confirm the silo has been removed by navigating back to your Data Map.