General Data Protection Regulation (GDPR)

Last update: January 29, 2025

At Streamkap, the privacy and security of your data is our top priority. GDPR applies not only to EU-based businesses, but also to any business that controls or processes data of EU citizens. At Streamkap, our entire organization is hard at work ensuring that our own practices are GDPR-compliant. But equally important to us is helping you, our partners and customers, understand what the GDPR means for your businesses and build compliant processes of your own.

SECTION EXPLANATION
Individual in charge of GDPR Ricky Thomas, CISO
Data Protection Officer We have appointed a Data Protection Officer. You may contact at:

Richard Bradley - Bulletproof Cyber
dataprotection@streamkap.com
ICO Ref: ZB861908

If you think the DPO is not the correct party to address for any questions or inquiries about this Statement, contact us through our provided contact data above.
Purpose of Processing Continuous monitoring and evidence collection of security controls mapped to various compliance frameworks to streamline audit preparation and to efficiently remediate security and compliance gaps.

For more details, see Streamkap’s Privacy Policy – How We Use Your Personal Information.
Lawful Basis of Processing and Consent Under Article 6 of GDPR, it falls under:

Consent: Via SAS Agreement and Opt-in of Terms and Conditions. Removal of consent will be done on request or via the Streamkap Web App.
Contract: Via contracts with clients which give Streamkap permission to manage their Data for the purpose of helping them achieve Data Privacy and Security Compliance.
Legitimate Interest: It is in the legitimate interest of clients to share their data with Streamkap for the purpose of helping them achieve Data Privacy and Security Compliance.

For more information, see the Streamkap Privacy Policy – “GDPR Notice” section.
Withdrawal of consent (or opt out) For Users, withdrawal of consent or opting out after initial consent/opt-in will be available via the Web App.
For Visitors, opting out can be done by emailing privacy@streamkap.com.
Cookie Policy Cookie Policy
Deletion Policy Deletion of data for clients is available when terminating a contract.
Data Deletion on the website (Streamkap.com) for visitors can be done by contacting privacy@streamkap.com.
Data Access / Modification / Portability Users can Access, Modify and Download their data directly from the Web App.
Visitors can request a copy or update of their data by emailing privacy@streamkap.com.
Data Protection Info Streamkap deploys and maintains a single-tenant Database architecture, alongside best industry practices in security attested to in a SOC 2 Type 2 report covering security, confidentiality, availability, and processing integrity.
Notification of Data Breach Streamkap’s data breach notification process is outlined within its Incident Response Policy and made available upon request.