Implementation Summary

Ethyca uses the following endpoints in Stripe to retrieve and delete Personally Identifiable Information (PII) when a user submits a data subject request. See below for a summary of what Ethyca does with each endpoint:

Endpoint

User Can Download

User Can Delete

User

Yes

Yes

Payment Methods

Yes

Yes

Bank Accounts

Yes

Yes

Subscriptions

Yes

Yes

Card

Yes

Yes

Tax ID

Yes

Yes

Payment Intent

Yes

No

Setup Intent

Yes

No

Order

Yes

No

Credit Notes

Yes

No

Invoices

Yes

No

Charges

Yes

No

Customer Balance Transaction

Yes

No

Because Stripe is a payment processing platform, it stores PII about your customers. Keep this in mind when you are creating your PII mapping as it will impact what is returned in your subject’s DSR package. In addition, Stripe has a 72 hour deletion window to ensure that payments are completed with their processing prior to deletion.

If this aligns with your use of Stripe, please proceed to the next section to begin setting up your integration in the Control Panel.

For any questions, please reach out to your dedicated Customer Success Manager.

Connection Settings

To create your API key to connect for your instance of Stripe to Ethyca, follow the steps below:

  1. Sign in to Stripe at dashboard.stripe.com/login.
13741374
  1. Click “Developers” on the left navigation menu.
13741374
  1. Select “API Keys” under the Developer menu.
13741374
  1. Click “Create Restricted Key.”
13741374
  1. Give your key a name, like “Ethyca privacy management."
13741374
  1. Allow write access permissions for the following:
  • Charges
  • Customers
  • PaymentIntents
  • PaymentMethods
  • SetupIntents
  • Invoices
  • Subscriptions
  • Orders
  • Cards
  • Transactions
13741374
  1. Press "Create key" at the bottom once complete. At this point, Stripe may prompt you to enter your password again.
13741374
  1. Your key will be shown. Feel free to enter whatever notes are required to inform the rest of your organization about this key’s purpose
13741374