Stripe is a wonderful credit card payment gateway that integrates easily with many WordPress-based e-commerce plugins. If you're accepting credit cards on your site, chances are good that Stripe is powering it.

One of the more sensitive areas of personally identifiable information under GDPR is financial data. Nearly everything in Stripe that is associated with a payment contains personally identifiable information of some sort.

Stripe GDPR Data Export

There is a lot of information included in the Stripe export. We'll list the high-level data that is included in the export here, and if you're interested in the details, you can view the complete list below:

  • Cards - includes information about all cards used by your customer.
  • Charges - information about the charges made to this customer's account.
  • Customer specific information - information like the currency they are charged in, the date/time their account was created, etc.
  • Invoices - information on specific invoices available in the customer's account.
  • Payment sources - this could include alternative payment methods like ACH, Alipay, Bancontact, Bitcoin, and a number of others.
  • Subscriptions - includes information about any active or canceled subscriptions for this customer.

Stripe GDPR Erase Request

Since Stripe deals with financial data, Privacy WP will not erase all customer data from Stripe.

Privacy WP will not erase transactional data from Stripe, as you may need to keep the data for a period of time for tax or other regulatory purposes. With countless jurisdictions around the world with different data retention requirements, we have opted to not erase transactional data at this time.

Instead, when you erase a customer through Privacy WP, the following will happen:

  • The customer record will be anonymized and marked as deleted. This is how Stripe handles deleting customers so that a generic "customer" can be associated with each transaction. No identifying information remains in the customer record.
  • Any subscriptions for the customer will be canceled immediately. No further charges will occur.
  • Any cards on file for the customer will be removed. No further charges can be made to cards that are on file.
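
A post-erasure check for the three steps listed above, as an added example that is not Privacy WP's or Stripe's own code. It assumes the customer, subscription and card objects have already been fetched as dictionaries shaped like Stripe API responses; the `audit_erasure` name and all sample objects are hypothetical and constructed.

```python
# Added example: audit the state of a Stripe customer after an erase request.
# All objects below are constructed samples shaped like Stripe API responses.

# Customer fields from the export list that can identify a person.
IDENTIFYING_FIELDS = ("email", "shipping", "default_source", "metadata")


def audit_erasure(customer, subscriptions, cards):
    """Return findings; an empty list means the three erase steps all held."""
    findings = []

    # Step 1: record is marked deleted and carries no identifying fields.
    if customer.get("deleted") is not True:
        findings.append("customer not marked deleted")
    for field in IDENTIFYING_FIELDS:
        if customer.get(field):  # None, "" and {} all count as empty
            findings.append(f"customer.{field} still populated")

    # Step 2: every subscription is canceled now, not merely at period end.
    for sub in subscriptions:
        if sub.get("status") != "canceled":
            note = " (cancel_at_period_end only)" if sub.get("cancel_at_period_end") else ""
            findings.append(f"subscription {sub['id']} is {sub.get('status')}{note}")

    # Step 3: no card remains on file that could be charged.
    for card in cards:
        findings.append(f"card {card['id']} still on file")

    return findings


# Constructed sample: a fully erased customer.
ERASED = ({"id": "cus_SAMPLE1", "object": "customer", "deleted": True}, [], [])

# Constructed sample: an erasure that only partly applied.
PARTIAL = (
    {"id": "cus_SAMPLE2", "object": "customer", "email": "jane@example.com", "metadata": {}},
    [
        {"id": "sub_SAMPLE1", "status": "canceled", "cancel_at_period_end": False},
        {"id": "sub_SAMPLE2", "status": "active", "cancel_at_period_end": True},
    ],
    [{"id": "card_SAMPLE1", "last4": "4242"}],
)

if __name__ == "__main__":
    for name, state in (("erased", ERASED), ("partial", PARTIAL)):
        print(name, audit_erasure(*state) or "clean")
```

A subscription that is still `active` with `cancel_at_period_end` set is reported, because the erase step above cancels immediately rather than at the end of the billing period.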

If you try to access the customer's account in Stripe after running the erasure tool, you will find something similar to the following:

[Screenshot: Stripe Delete Customer]

Get Privacy WP for Stripe GDPR Export and Erasure

Single

$29 per year
  • 1 year of support and updates for 1 website

Plus

$39 per year
  • 1 year of support and updates for up to 5 websites

Ultimate

$89 per year
  • 1 year of support and updates for unlimited websites

Complete List of Stripe GDPR Exported Data

  • Cards
    • ID
    • Address City
    • Address Country
    • Address Line 1
    • Address Line 1 Check (If address_line1 was provided, results of the check: pass, fail, unavailable, or unchecked.)
    • Address Line 2
    • Address State
    • Address Zip
    • Brand (Visa, MasterCard, AMEX, etc.)
    • Country
    • Customer ID
    • CVC Check (If a CVC was provided, results of the check: pass, fail, unavailable, or unchecked)
    • Dynamic Last 4 (For tokenized numbers only. The last four digits of the device account number.)
    • Expiration Month
    • Expiration Year
    • Fingerprint (Stripe's unique identifier for this particular card number.)
    • Funding (Card funding type. Can be credit, debit, prepaid, or unknown.)
    • Last 4 digits of the card
    • Meta Data (additional information about the card)
    • Name (cardholder name)
    • Tokenization method (If the card number is tokenized, this is the method that was used. Can be apple_pay or android_pay.)
  • Charges
    • ID
    • Amount
    • Amount refunded (if any)
    • Application fee (if any)
    • Balance transaction ID
    • Captured (true/false: if the charge was created without capturing, this represents if the charge is still uncaptured or has since been captured)
    • Created (date/time the transaction was created)
    • Currency (three-letter currency code, e.g. usd, gbp)
    • Customer ID (from Stripe)
    • Description (information about the charge)
    • Destination (the account if any that the charge was made on behalf of)
    • Dispute (details about the dispute if the charge was disputed)
    • Failure Code (error code w/ reason for charge failure)
    • Failure Message (further explaining the failure code)
    • Fraud Details (info on fraud assessments for the charge - safe, fraudulent, etc.)
    • Invoice (the invoice ID for this charge if available)
    • Live Mode (true/false: whether the charge was done in live or test mode)
    • Meta Data (additional information about the charge)
    • On Behalf Of (The account if any that the charge was made on behalf of.)
    • Order (the ID of the order the charge is for if any)
    • Outcome (details about whether the payment was accepted and why)
    • Paid (true/false: if the charge succeeded or was successfully authorized for later capture)
    • Receipt email (the email address the receipt was sent to)
    • Refunded (true/false whether the charge was fully refunded - will still be false if partially refunded)
    • Refunds (a list of refunds that have been applied to the charge)
    • Review (ID of the associated review if any)
    • Shipping (shipping info for the charge - street address etc.)
    • Source (card object describing the credit/debit card used)
    • Source Transfer (transfer ID which created the charge if the charge came from another Stripe account)
    • Statement Descriptor (extra info about the charge that shows on customer’s credit card statement)
    • Status (either succeeded, pending, or failed)
    • Transfer group (a string that identifies this transaction as part of a group)
  • Customers
    • Customer ID
    • Account balance
    • Created (date/time)
    • Currency (3 letter code - usd, gbp - that the customer can be charged in for recurring billing purposes)
    • Default source (ID of the default payment source attached to this customer)
    • Delinquent (true/false: When the customer’s latest invoice is billed by charging automatically, delinquent is true if the invoice’s latest charge is failed. When the customer’s latest invoice is billed by sending an invoice, delinquent is true if the invoice is not paid by its due date.)
    • Discount (describes the current discount active on the customer if any)
    • Email (the customer’s email address)
    • Invoice prefix (the prefix for the customer used to generate unique invoice numbers)
    • Live Mode (true/false: whether the customer was created in live or test mode)
    • Meta Data (additional information about the customer)
    • Shipping (mailing and shipping address for the customer)
  • Invoices
    • ID
    • Amount due
    • Amount paid
    • Amount remaining (for partial balance payments)
    • Application fee (if any)
    • Attempt count (number of payment attempts for this invoice)
    • Attempted (true/false: whether an attempt has been made to pay the invoice)
    • Billing (either charge_automatically, or send_invoice)
    • Charge (the ID of the latest charge generated for this invoice)
    • Closed (true/false: whether the invoice is still trying to collect payment. Closed if it’s been paid or marked closed)
    • Currency (three-letter currency code, e.g. usd, gbp)
    • Customer ID
    • Date (date/time the invoice was created)
    • Description (arbitrary text describing the invoice)
    • Discount (information on the discount applied if any)
    • Due date (date/time the invoice is due)
    • Ending balance
    • Forgiven (true/false: indicates if the invoice has been forgiven)
    • Lines (list of line items that make up the invoice)
    • Live Mode (true/false: whether the invoice was created in live or test mode)
    • Meta Data (additional information about the invoice)
    • Next Payment Attempt (date/time the next automatic payment will be attempted)
    • Invoice Number (unique string beginning with the customer’s unique invoice prefix)
    • Paid (true/false: whether payment was successfully collected.)
    • Period end (date/time: end of the usage period during which line items were added to the invoice)
    • Period start (date/time: start of the usage period during which line items were added to the invoice)
    • Receipt number
    • Starting balance (starting customer balance before invoice is created)
    • Statement descriptor (additional info about the invoice for the customer’s credit card statement)
    • Subscription (the ID of the subscription that the invoice was prepared for if any)
    • Subtotal
    • Tax amount (amount of the tax added to the invoice subtotal)
    • Tax percent (percentage of the subtotal that’s added to the invoice total)
    • Total
    • Webhooks delivered at (date/time that webhooks for this invoice were successfully delivered.)
  • Sources
    • Source ID
    • ACH Credit Transfer Details (account number anonymized, routing number, bank name, swift code)
    • Amount
    • Client secret (the secret key of this source - used for retrieval using a publishable key)
    • Created (date/time the source was created)
    • Currency (three-letter currency code, e.g. usd, gbp)
    • Flow (authentication flow of the payment source: either redirect, receive, code_verification, none)
    • Live Mode (true/false: whether the source was created in live or test mode)
    • Meta Data (additional information about the source)
    • Owner (information about the owner of the payment card/account that may be used or required by certain source types)
    • Receiver (information related to the receiver)
    • Statement Descriptor (extra information about a source, which will appear on the customer’s statement every time the source is charged)
    • Status (status of the payment source will be either: canceled, chargeable, consumed, failed, or pending)
    • Type (the type of payment source will be either: ach_credit_transfer, ach_debit, alipay, bancontact, bitcoin, card, eps, giropay, ideal, multibanco, p24, sepa_credit_transfer, sepa_debit, sofort, or three_d_secure)
    • Usage (either reusable or single_use. Indicates if the source should be reusable for future charges or not)
  • Subscription
    • ID
    • Application fee percent
    • Billing (either charge_automatically or send_invoice)
    • Billing cycle anchor (date/time: Determines the date of the first full invoice, and, for plans with month or year intervals, the day of the month for subsequent invoices.)
    • Cancel at period end (true/false: will the subscription be canceled at the end of the current period)
    • Canceled at (date/time of the cancellation if subscription has been canceled)
    • Created (date/time the subscription was created)
    • Current period end (date/time of the end of the current period that the subscription has been invoiced for. At the end of this period a new invoice will be created.)
    • Current period start (date/time of the start of the current period the subscription has been invoiced for)
    • Customer ID
    • Days until due (number of days a customer has to pay invoices generated by the subscription)
    • Discount (describes the discount applied to the subscription if any)
    • Ended at (date/time the subscription ended)
    • Items (list of items in the subscription)
    • Live Mode (true/false: whether the subscription was created in live or test mode)
    • Meta Data (additional information about the subscription)
    • Plan (description of the subscription plan the customer is subscribed to)
    • Quantity (quantity of the plan that the customer is subscribed to. Ex: if plan is $10/user/month & customer has 5 users, the quantity would be 5 so they are charged $50/user/month)
    • Start (date/time that the most recent update to the subscription started)
    • Status (possible values include: trialing, active, past_due, canceled, or unpaid)
    • Tax percent (tax rate applied to invoices created under this subscription)
    • Trial end (date/time that the trial ends for this subscription if it has a trial)
    • Trial start (date/time if the subscription has a trial, the start of the trial)