Privacy-shield for member's emails when paying with Stripe or other 3rd parties? #43
Labels
No labels
bug
duplicate
enhancement
help wanted
invalid
question
wontfix
No milestone
No project
No assignees
2 participants
Notifications
Due date
No due date set.
Dependencies
No dependencies set.
Reference: data.coop/membersystem#43
Loading…
Reference in a new issue
No description provided.
Delete branch "%!s()"
Deleting a branch is permanent. Although the deleted branch may continue to exist for a short time before it actually gets removed, it CANNOT be undone in most cases. Continue?
It's a feature: If we shared people's email address with Stripe, we would need a privacy policy that stated this + a checkbox to agree because 1) an email is PII, 2) people cannot reasonably assume that we share their email if they click a button that says "Pay".
Many people also sign up with username+datacoop@provider.tld
But to answer the question: Yes, Stripe does support this: https://docs.stripe.com/api/checkout/sessions/create#create_checkout_session-customer_email
Alright. I'll close this again :)
I was wondering if anyone would disagree with this, but I think that when we choose between user convenience and privacy, then privacy will probably always win :)
Unfortunately Stripe also doesn't support removing the email field entirely.
However, a "funny" way to fix it would be to supply Stripe with a /dev/null email address, thus hiding the field 🙃
I agree privacy is more important. The latter approach also sounds interesting!
Let's keep this open! Maybe we would provide privacy-shielded emails for members some day? Here's a good use-case!
(but we also don't want to violate Stripe TOS and get blocked)
is it possible to pass on e-mail address to Stripe?to Privacy-shield for member's emails when paying with Stripe or other 3rd parties?