Stripe resolver for effaced — export and erase a data subject's PII held in Stripe.
Project description
effaced-stripe
First-party effaced resolver for Stripe — export and erase a data subject's billing PII held in Stripe.
- Export (Art. 15): customer profile, addresses, and payment-method metadata.
- Erase (Art. 17): Stripe customer deletion, which Stripe itself implements as a GDPR-aware redaction.
uv add effaced effaced-stripe
from effaced import ResolverRegistry, SubjectRef
from effaced_stripe import StripeResolver
registry = ResolverRegistry()
registry.register(StripeResolver(api_key="rk_live_..."))
# Refs of kind "stripe" are routed to this resolver; the value is the
# Stripe customer id.
ref = SubjectRef(kind="stripe", value="cus_...")
Restricted-key setup
Don't hand the resolver your full secret key. Create a restricted key (Dashboard → Developers → API keys → Create restricted key) with exactly the permissions the resolver uses:
| Permission | Access | Used for |
|---|---|---|
| Customers | Write | retrieve for export, delete for erasure |
| Payment Methods | Read | payment-method metadata in exports |
Everything else stays None. A key missing one of these surfaces as a
non-retryable ResolverError the first time the saga touches Stripe.
What gets exported — and what never is
Exported, when populated: customer email, name, phone, billing and
shipping addresses, and per payment method its type, card metadata
(brand, last4, exp_month, exp_year), and billing details.
Never exported:
- Full card numbers. Stripe does not expose PANs over its API, so no export from this resolver can ever contain one — don't let anyone tell you otherwise.
metadatadicts. Their contents are defined by your application; the resolver cannot know what they hold. Export those fields through your own data map instead.
Changing the exported field set is behaviour under effaced's widened SemVer: additions are MINOR, removals MAJOR.
Idempotency & error semantics
- Erasing a customer Stripe no longer knows is success
(
already_absent=True), never an error — saga retries depend on it. - Rate limits (429), connection faults, and Stripe-side errors (5xx)
propagate so the saga runner retries with backoff. Bad or
under-permissioned keys and malformed requests raise
ResolverErrorand abandon fast. SDK-internal retries are disabled; the saga runner owns retry policy.
Testing
No live calls: pass http_client= (any stripe.HTTPClient) to fake the
transport. The package is verified against the shared
effaced.testing.ResolverConformanceSuite — subclass it the same way to
certify your own resolver.
Not legal advice. effaced provides technical mechanisms for implementing data-subject rights. It does not make you GDPR-compliant and does not constitute legal advice.
Licensed under Apache-2.0.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file effaced_stripe-0.1.0.tar.gz.
File metadata
- Download URL: effaced_stripe-0.1.0.tar.gz
- Upload date:
- Size: 16.0 kB
- Tags: Source
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
6d9a2c6a89b46d047ac2a911a47f351bbe78fa1453bccffaeb5f0d3eada14214
|
|
| MD5 |
f1605126eb164de31a97caaeb510120e
|
|
| BLAKE2b-256 |
8dd07f1d436230d1615fff31fbe5fff38b2d19df7d5d78ddfb13c9876f928f0c
|
Provenance
The following attestation bundles were made for effaced_stripe-0.1.0.tar.gz:
Publisher:
publish.yml on jaylann/effaced
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
effaced_stripe-0.1.0.tar.gz -
Subject digest:
6d9a2c6a89b46d047ac2a911a47f351bbe78fa1453bccffaeb5f0d3eada14214 - Sigstore transparency entry: 1792446927
- Sigstore integration time:
-
Permalink:
jaylann/effaced@e783a3038a30163a5eecf50b44a2d5ff9e7b490e -
Branch / Tag:
refs/tags/effaced-stripe-v0.1.0 - Owner: https://github.com/jaylann
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@e783a3038a30163a5eecf50b44a2d5ff9e7b490e -
Trigger Event:
release
-
Statement type:
File details
Details for the file effaced_stripe-0.1.0-py3-none-any.whl.
File metadata
- Download URL: effaced_stripe-0.1.0-py3-none-any.whl
- Upload date:
- Size: 12.0 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? Yes
- Uploaded via: twine/6.1.0 CPython/3.13.13
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
50708cdd3f24ff5baa6b0232657900fee57d62e69730fd7561a3bed1c89d3cf9
|
|
| MD5 |
34a9ffd09c5989cf48058f0505318c1b
|
|
| BLAKE2b-256 |
65be5cbb234222e5b6b252c4940c79b4c50f5d37e022a67c9617d000093b951a
|
Provenance
The following attestation bundles were made for effaced_stripe-0.1.0-py3-none-any.whl:
Publisher:
publish.yml on jaylann/effaced
-
Statement:
-
Statement type:
https://in-toto.io/Statement/v1 -
Predicate type:
https://docs.pypi.org/attestations/publish/v1 -
Subject name:
effaced_stripe-0.1.0-py3-none-any.whl -
Subject digest:
50708cdd3f24ff5baa6b0232657900fee57d62e69730fd7561a3bed1c89d3cf9 - Sigstore transparency entry: 1792446968
- Sigstore integration time:
-
Permalink:
jaylann/effaced@e783a3038a30163a5eecf50b44a2d5ff9e7b490e -
Branch / Tag:
refs/tags/effaced-stripe-v0.1.0 - Owner: https://github.com/jaylann
-
Access:
public
-
Token Issuer:
https://token.actions.githubusercontent.com -
Runner Environment:
github-hosted -
Publication workflow:
publish.yml@e783a3038a30163a5eecf50b44a2d5ff9e7b490e -
Trigger Event:
release
-
Statement type: