Risk Score
0 = very fair · 100 = very risky
Summary
This is Stripe's Services Agreement General Terms, a business-to-business SaaS contract governing use of Stripe's payment processing and related services. It is primarily aimed at businesses (not consumers), and contains several standard B2B provisions alongside some notably aggressive clauses including mandatory arbitration with class action waiver, broad IP licenses over user content, and extensive rights for Stripe to debit user bank accounts. Overall the agreement is moderately one-sided in Stripe's favor, which is common for financial infrastructure providers, but certain provisions around data use, content licensing, and dispute resolution warrant careful attention.
Flagged Clauses
If you have a dispute with Stripe, you cannot sue them in court as part of a group (class action). You must go through individual private arbitration, which is generally less accessible and more expensive for smaller claims than court proceedings.
“Disputes between User and Stripe are subject to a class action waiver and will be resolved by individual binding arbitration, except as stated otherwise in this Agreement.”
Any content you provide to Stripe can be used by Stripe and its affiliates forever, worldwide, for free, for essentially any internal purpose including improving their products. This license cannot be revoked even after you stop using Stripe.
“User grants to Stripe, on behalf of itself and its Affiliates, a perpetual, worldwide, non-exclusive, irrevocable, royalty-free license to use the Content to develop, improve, and provide Services and Stripe Technology and for Stripe's internal business purposes.”
Any feedback you give Stripe about their services can be used by them forever, for any purpose, with no compensation to you.
“User grants to Stripe, on behalf of itself and its Affiliates, a perpetual, worldwide, non-exclusive, irrevocable, royalty-free license to use that Feedback for any purpose.”
You do not own any of Stripe's software or technology — you are only granted a limited, revocable license to use it while the agreement is in effect.
“The Stripe Technology is licensed, not sold, to User by Stripe (or its Affiliates, as applicable).”
Stripe can pull money directly from your bank account without notifying you each time. You are also waiving any legal rights you might otherwise have to cancel this bank debit authorization under applicable payment rules.
“User authorizes Stripe to debit and credit each User Bank Account without separate notice... If applicable debit scheme authorization rules grant User the right to revoke User's debit authorization, then to the extent Law permits, User waives that right.”
Fees you pay to Stripe are generally non-refundable, and you cannot cancel a payment obligation once it arises, unless there is a specific written exception or law requires it.
“Unless User and Stripe otherwise agree in writing or if Law requires, payment obligations are non-cancelable and Fees paid are non-refundable.”
Stripe has broad rights to collect money you owe by taking it from multiple sources including your Stripe balance, your bank account, and payment methods on file — across any related accounts.
“Stripe may collect all amounts owed by User by deducting them from User's Stripe Account balance, charging User's primary Payment Method, or invoicing User for those amounts... Stripe or its Affiliate may, to the extent Law permits, deduct, recoup or setoff these amounts from any of the following: (i) a Reserve of any User Entity; (ii) funds payable by a Stripe Entity to a User Entity; (iii) the Stripe Account balance of a User Entity; (iv) each User Bank Account; and (v) a backup User-selected Payment Method.”
Stripe can change, limit, or stop offering any part of its services at any time. While they promise 'reasonable notice' for material reductions in functionality, exceptions exist for security or legal compliance reasons.
“Stripe may modify or discontinue any aspect of the Services or Stripe Technology, including imposing conditions on use of the Services or Stripe Technology or ceasing to offer a Service or Stripe Technology in a specific country or region.”
Stripe can raise its prices at any time with just 30 days' notice. You have no contractual right to lock in current pricing long-term.
“Subject to the requirements of Law, Stripe may revise the Fees and Subscription Plans at any time. Stripe will provide User with at least 30 days notice... of any increase in a Fee or any new Fees.”
When your agreement with Stripe ends, Stripe has no obligation to keep your data. Your data could be deleted after termination unless a law or other agreement requires otherwise.
“Stripe is not obligated to retain data that it receives from or through User after the Term, except as (a) required by Law; (b) reasonably required for Stripe to perform any post-termination obligations; (c) this Agreement otherwise states; or (d) the parties otherwise agree in writing.”
Stripe can share your confidential information with financial partners, their affiliates, and third-party service providers as needed to provide the services. The scope of who qualifies as a 'Financial Provider' or 'third-party service provider' is not fully defined in the excerpted text.
“The recipient may disclose Confidential Information only to its and its Affiliates' directors, employees, contractors, agents, professional advisors, and third-party auditors (and where Stripe is the recipient, to Financial Providers and their respective Affiliates, and Stripe's third-party service providers, as reasonably necessary to perform the Services).”
Data handling obligations are largely governed by a separate Data Processing Agreement (DPA) that is referenced but not included in this document. The full scope of data rights and obligations requires reviewing that separate document.
“Each party will comply with the DPA, including the Data Transfers Addendum, which is incorporated into this Agreement by this reference.”
Stripe makes no guarantees that the service will work reliably or be error-free, and disclaims most warranties. If the service fails, your ability to recover damages from Stripe is significantly limited.
“Stripe provides the Services and Stripe Technology 'as is'... Stripe does not warrant that User's use of the Services and Stripe Technology will be uninterrupted or error-free... Stripe is not liable for delays, failures or problems inherent in use of the internet.”
If you use any 'Preview' (beta) features, Stripe's total financial liability to you is capped at $1,000 regardless of what goes wrong or how much damage occurs.
“Notwithstanding anything else in this Agreement, to the maximum extent permitted by Law, Stripe provides no warranty, indemnity, or support for Preview Services and Stripe's aggregate liability for Preview Services is limited to USD$1,000.”
If your account is hacked or accessed without authorization, you bear responsibility for resulting losses unless Stripe itself was grossly negligent or acted fraudulently. This places a significant security burden on you as the account holder.
“User is solely responsible for any losses, damages or costs that User or others may suffer arising out of or relating to hacking, tampering, or unauthorized access of the Services, User's Stripe Account, or Protected Data, or User's failure to use or implement anti-fraud or data security measures, except to the extent that those losses, damages, or costs are caused by Stripe's gross negligence, fraud, or willful misconduct.”
Subscriptions and free trials can automatically convert to paid plans. The specific auto-renewal and cancellation terms are contained in separate Subscription Plan documents not fully included here.
“Subscription Services are governed by the terms of the applicable Subscription Plan... the Fees stated on the Stripe Pricing Page will apply... the start of any Subscription Plan that User has purchased, at which point that Subscription Plan will automatically commence.”
Stripe can use your company's name and logo in their marketing materials and on their website to identify you as a customer. You can provide usage guidelines, but you cannot fully opt out of being named as a Stripe customer.
“Stripe and its Affiliates may use User's Marks: (i) on Stripe webpages and apps that identify Stripe's customers or users; (ii) in Stripe sales and marketing materials and communications; and (iii) in connection with any promotional activities to which the parties agree in writing.”
Missing Protections
- No explicit termination notice period or cure period for Stripe-initiated terminations described in the excerpted text — users may not know how much time they have to remedy issues before account closure
- No explicit data portability rights — the agreement does not describe a process for users to export their data before termination
- No service level agreement (SLA) or uptime guarantee included in general terms — reliability commitments appear to be absent or deferred to separate documents
- No explicit refund or credit process for service outages or failures
- No cap on how many times Stripe can attempt to debit your bank account for outstanding amounts
- No clear opt-out mechanism described for Stripe's use of your content for internal business purposes under the perpetual license
- Full auto-renewal and cancellation terms are deferred to separate Subscription Plan documents not included here
- The complete data processing terms are in a separate DPA not included in this excerpt, making the full data rights picture incomplete
Fair Terms
- Stripe commits to at least 30 days' advance notice before raising fees or introducing new charges, which is a reasonable and concrete commitment
- Stripe commits to providing 'reasonable notice' before materially reducing service functionality, showing some regard for business continuity
- Open source license terms are explicitly stated to supersede conflicting terms in the agreement where open source code is involved, which protects certain user rights
- Stripe acknowledges liability exceptions where losses are caused by Stripe's own gross negligence, fraud, or willful misconduct — meaning Stripe cannot entirely escape responsibility for its own bad acts
- Confidentiality obligations are mutual — both Stripe and the user are bound by the same confidentiality rules, not just the user
- The agreement references a formal Data Processing Agreement (DPA) and Data Transfers Addendum, suggesting structured data protection compliance
- Age verification provisions show some consideration of minors' protection in account setup
Document information only — not legal advice.