Implementation Summary

Ethyca uses the following endpoints in Stripe to retrieve and delete Personally Identifiable Information (PII) when a user submits a data subject request. See below for a summary of what Ethyca does with each endpoint:

EndpointUser Can DownloadUser Can Delete
UserYesYes
Payment MethodsYesYes
Bank AccountsYesYes
SubscriptionsYesYes
CardYesYes
Tax IDYesYes
Payment IntentYesNo
Setup IntentYesNo
OrderYesNo
Credit NotesYesNo
InvoicesYesNo
ChargesYesNo
Customer Balance TransactionYesNo

Because Stripe is a payment processing platform, it stores PII about your customers. Keep this in mind when you are creating your PII mapping as it will impact what is returned in your subject’s DSR package. In addition, Stripe has a 72 hour deletion window to ensure that payments are completed with their processing prior to deletion.

If this aligns with your use of Stripe, please proceed to the next section to begin setting up your integration in the Control Panel.

For any questions, please reach out to your dedicated Customer Success Manager.

Connection Settings

To create your API key to connect for your instance of Stripe to Ethyca, follow the steps below:

  1. Sign in to Stripe at dashboard.stripe.com/login.
13741374
  1. Click “Developers” on the left navigation menu.
13741374
  1. Select “API Keys” under the Developer menu.
13741374
  1. Click “Create Restricted Key.”
13741374
  1. Give your key a name, like “Ethyca privacy management."
13741374
  1. Allow write access permissions for the following:
  • Charges
  • Customers
  • PaymentIntents
  • PaymentMethods
  • SetupIntents
  • Invoices
  • Subscriptions
  • Orders
  • Cards
  • Transactions
13741374
  1. Press "Create key" at the bottom once complete. At this point, Stripe may prompt you to enter your password again.
13741374
  1. Your key will be shown. Feel free to enter whatever notes are required to inform the rest of your organization about this key’s purpose
13741374