Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

feat(products): Added Stripe #156

Merged
merged 7 commits into from
Aug 9, 2023
Merged

feat(products): Added Stripe #156

Show file tree
Hide file tree
Changes from 4 commits
Commits
Show all changes
7 commits
Select commit Hold shift + click to select a range
60c0678
added Stripe
Deivedux Apr 9, 2023
51bd7ee
improved markdown for data-deletion citation
Deivedux Apr 9, 2023
067dd69
corrected a misinterpretation of the question
Deivedux Apr 10, 2023
baa2b3f
proper language
Deivedux Apr 10, 2023
3d93295
update
Deivedux Jul 11, 2023
405044f
update
Deivedux Jul 28, 2023
8ee01dc
new policy update date
Deivedux Aug 8, 2023
File filter

Filter by extension

Filter by extension
Conversations
Failed to load comments.
Loading
Jump to
Jump to file
Failed to load files.
Loading
Diff view
Diff view
Binary file added icons/stripe.png
View file
Open in desktop
Loading
Sorry, something went wrong. Reload?
Sorry, we cannot display this file.
Sorry, this file is invalid so it cannot be displayed.
68 changes: 68 additions & 0 deletions products/stripe.toml
View file
Open in desktop
Original file line number Diff line number Diff line change
@@ -0,0 +1,68 @@
name = "Stripe"
description = "Payment processor for e-commerce and mobile applications."
slug = "stripe"
hostnames = [ "stripe.com" ]
sources = [ "https://stripe.com/privacy" ]
contributors = [ "Deivedux" ]

[rubric.behavioral-marketing]
value = "yes"
citations = [ "We may use your Personal Data to assess your eligibility for, and offer you, other End User Services or promote existing End User Services. Where allowed by law (including with your opt-in consent where required), we use and share End User Personal Data with others so that we may market our End User Services to you, including through interest-based advertising." ]
Deivedux marked this conversation as resolved.
Show resolved Hide resolved

[rubric.data-breaches]
value = "no"
notes = [ "The policy doesn't seem to mention a data breach policy." ]

[rubric.data-collection-reasoning]
value = "yes"
notes = [
"Section 1.1b in the policy contains a brief overview of their use and share of personal data.",
"The entirety of section 2 is a continuation, more exhaustive list of reasons how they use and share personal data."
Deivedux marked this conversation as resolved.
Show resolved Hide resolved
]

[rubric.data-deletion]
value = "no"
Deivedux marked this conversation as resolved.
Show resolved Hide resolved
citations = [
"""Even after we stop providing Services directly to you or a Business User with which you are doing business, and even if you close your Stripe account or complete a transaction with a Business User, we may retain your Personal Data:
- to comply with our legal and regulatory obligations.
- to enable fraud monitoring, detection and loss prevention activities.
- to comply with our tax, accounting, and financial reporting obligations
- where required by our contractual commitments to our financial partners (and where data retention is mandated by the payment methods you used).
"""
]

[rubric.history]
value = "last-modified"
citations = [ "Last updated: January 24, 2023" ]
Deivedux marked this conversation as resolved.
Show resolved Hide resolved

[rubric.law-enforcement]
value = "reasonable"
citations = [
"We share Personal Data as we believe necessary: [...] (v) to respond to valid legal process requests from courts, law enforcement agencies, regulatory agencies, and other public and government authorities, which may include authorities outside your country of residence.",
"In certain situations, we may be required to disclose Personal Data in response to lawful requests from officials (such as law enforcement or security authorities)."
]

[rubric.list-collected]
value = "generally"
notes = [ "While their list seems exhaustive in size, it is filled with vague wording like \"such as\" and \"for example\", making it difficult to verify so." ]

[rubric.noncritical-purposes]
value = "na"
notes = [ "The policy does not mention the collection of non-critical personal data." ]
Deivedux marked this conversation as resolved.
Show resolved Hide resolved

[rubric.revision-notify]
value = "yes"
citations = [ "We may provide you with disclosures and alerts regarding the Policy or Personal Data collected by posting them on our website and, if you are an End User or Representative, by contacting you through your Stripe Dashboard, email address and/or the physical address listed in your Stripe account." ]

[rubric.security]
value = "no"
Deivedux marked this conversation as resolved.
Show resolved Hide resolved
citations = [ "We make reasonable efforts to provide a level of security appropriate to the risk associated with the processing of your Personal Data. We maintain organizational, technical and administrative measures designed to protect Personal Data covered by this Policy against unauthorized access, destruction, loss, alteration or misuse. Unfortunately, no data transmission or storage system can be guaranteed to be 100% secure." ]
notes = [ "The policy doesn't get any more specific than that. They then follow up with general security recommendations for the end users to protect their own accounts." ]

[rubric.third-party-access]
value = "yes-unspecified-critical"
notes = [ "The policy lists sharing of only critical data with third-parties, but does not explicitly list any of them." ]
Deivedux marked this conversation as resolved.
Show resolved Hide resolved

[rubric.third-party-collection]
value = "critical-only"
citations = [ "We may collect information from you, and about you, from Business Users, financial parties and in some cases third parties. For example, to protect our Services, we may receive information from third parties about IP addresses that malicious actors have compromised." ]