The fine print
- Who We Are and How to Contact Us
- Children’s Privacy
- To Whom Does This Policy Apply
- Personal Information That We Collect
- Information We Collect Directly From You
- Contacting Us
- Signing up for our Services
- Information We Collect Indirectly
- Google Analytics
- Payment Processing
- How Do We Use Personal Information We Collect
- Disclosure of Personal Information
- Advertising & Marketing
- Links to Third Party Sites
- Social Media
- “Do Not Track”
- How to Change Your Communication Preferences
- Your Choices
- How Long Do We Keep Your Personal information?
- Data Security and Integrity
- Notice to Nevada Consumers
- International Transfers
- Additional Information for Users in the EEA and the U.K.
- Social Media and Joint Controllership for Individuals in the EEA
IF YOU ARE A NEVADA RESIDENT: If you are a resident of Nevada, please see the section titled Additional Information for Nevada Residents below, which will inform you in detail about our information collection practices and your specific rights.
Who We Are and How to Contact Us
StreamWork is a Delaware Limited Liability Company with the following contact information:
2261 Market Street
San Francisco, CA 94114
If you have reason to believe that a child under the age of 16 has provided personal data to StreamWork through the Platform, please contact email@example.com and we will endeavor to delete that information from our databases.
To Whom Does This Policy Apply
Site Visitors means visitors to our Site, including those who do not register for our Services (“Site Visitors”)
Customers means any individual who registers individually or on behalf of an entity or organization in order to use the Services, whether as part of a free trial, free plan, or paid subscription (“Customer”)
Personal Information That We Collect
What personal information we collect and process depends on a number of factors. As explained in more detail below, we process personal information that we receive directly from you when you provide it to us, such as when you sign up for our Services, or indirectly, such as through automated technologies (e.g., cookies) or from third parties.
We use the terms ‘controller’ and ‘processor’ or ‘service provider’ as they are commonly understood under applicable privacy laws. With respect to its collection and processing of personal information, StreamWork generally acts as a ‘data processor’ and ‘service provider’ when it collects and processes personal information on behalf of its Customers in order to provide the Services, such as with respect to your media content or comments left in your account. We also act as a ‘data controller’ when we collect personal information on our own behalf and for our own commercial and business purposes, such as from Site Visitors or to register Customers, to improve our Services or send marketing.
Information We Collect Directly From You
You can generally visit our Site without having to submit any personal information. However, if you wish to use our Services, you will be asked to provide information about yourself.
If you contact us through our “Contact” form on the Site, via the chat feature or otherwise send us an email, we process any personal information contained in those communications, including name, contact information, company and any other information that you submit to us.
Signing up for our Services
If you sign up for our Services, whether as a free trial, free plan, or paid subscription, we or our third party processors will collect personal information as follows:
First and last name
Location (Country/State/Zip Code)
If you are a Customer, as a processor or service provider, we also collect any personal information that is included in the media content uploaded to your account and comments left in your account.
If you are a Customer, we use PCI-compliant third-party processors, as explained in Payment Processing. Payment information is processed by our payment service providers, and we receive a confirmation of payment, which we then associate with your account and any relevant transactions.
Customer reviews may contain names, company names, photos and contact information. If you submit a Customer review, with your consent, it may be posted on the Site and publicly visible. We may also share it with strategic partners.
Information We Collect Indirectly
Automatically Collected Information
If you are browsing or interacting with the Site, we collect the same basic information that many other websites collect. Even if you do not have an account, we, or authorized third parties engaged by us, automatically collect information about your use of the Site, which consists of:
Device Information means information about the devices and software you use to access the Site (“Device Information”) – primarily the internet browser or mobile device that you use, the website or source that linked or referred you to the Site, your IP address or device ID (or other persistent identifier that uniquely identifies your computer or mobile device on the Internet), the operating system of your computer or mobile device, device screen size and other similar hardware and software information, and language preference
Usage Information means information about your interactions with the Site (“Usage Information”), including access dates and times, device event information, log data, crash data, and cookie data. This information allows us to understand the screens that you view, how you’ve used the Site and/or our Services (which may include administrative and support communications with us), and other actions on the Site. We, or our authorized third parties, automatically collect log data when you access and use the Site for all Site Visitors, even if you have not created an account or logged in. We use this information to administer and improve the Services, analyze trends, track users’ use of the Site, and gather broad demographic information for aggregate use
Location Information – based on this Device Information and Usage Information – mainly IP address – we are also able to determine general location information (country, city)
We collect payments from Customers only and do not directly collect or store payment information. We use third-party, PCI-compliant, payment processors, which collect payment information on our behalf in order to complete transactions with our Customers. While our administrators are able to view and track actual transactions via the client portals of the payment processors, we do not have access to, or process, credit card information. We currently use Stripe to process certain payments and you can read more about Stripe’s collection of personal information at https://stripe.com/privacy.
How Do We Use Personal Information We Collect
We use your personal information for a number of different reasons, as further explained below.
In addition, for users located in the EEA and the U.K., we must have a valid legal basis in order to process your personal data. Generally speaking, the main legal bases under the European Union’s General Data Protection Regulation (GDPR) that justify our collection and use of your personal data are:
Performance of a contract – When your personal data is necessary to enter into or perform our contract with you
Consent – When you have consented to our use of your personal data via a consent form (online or offline)
Legal obligation – When we need to use your personal information to comply with our legal obligations
Legal claims – When your personal information is necessary for us to defend, prosecute or make a claim
Legitimate interests – When we use your personal data to achieve a legitimate interest and our reasons for using it outweigh any prejudice to your data protection rights. StreamWork provides adequate notice, access and choice.
Below are the general purposes and corresponding legal bases (in italics) for which we may use your personal information:
Providing, updating and maintaining the Platform – In particular, we will use your data to ensure that the Site loads and works for you, to set-up an account, or provide you with notices regarding purchases or other important information. Depending on the context, performance of a contract, legitimate interests, and in some cases, legal claims
Processing and completing transactions, and sending you related information, including purchase confirmations and invoices – In particular, we will use your data to complete any purchases for the Services, set up billing and resolve any issues with respect to the foregoing. Performance of a contract
To otherwise communicate directly with you – In particular, if you contact us or otherwise send as a communication, we may process your personal information. Depending on the context, performance of a contract, legitimate interests, and in some cases, legal claims
Improving the content and general administration of the Platform, including to perform system maintenance and upgrades – In particular, we may use Device, Usage and Location Information to make changes to certain features or improve the Site, or use other information derived from personal information to offer new Services or make upgrades to the Platform. Legitimate interests
Detecting fraud, illegal activities or security breaches – In particular, we may use information such as your IP address to help us prevent abuse of the Platform and investigate any potential unauthorized use of the Platform or other security breaches. Legitimate Interests
Conducting statistical analyses and analytics by monitoring and analyzing trends, usage, and activities in connection with the Platform – In particular, we do this internally or via third parties such as Google Analytics, and other partners. Consent where required (e.g., third-party cookies) or legitimate interests
Sending marketing communications, in line with your communication preferences Consent (depending on location and Customer relationship) or legitimate interests
As required by applicable law, legal process or regulation – We may use your information to comply with valid court orders and similar legal or regulatory obligations which apply to us. This may include where we reasonably consider it is in our legitimate interests (or the legitimate interests of others) to comply, as well as where we are legally required to do so Legal obligations or claims
Disclosure of Personal Information
We disclose your personal information as described below.
Third-Parties and Service Providers
StreamWork discloses users’ information to our third party agents, contractors or service providers who are hired to perform services on our behalf. These companies do things to help us provide the Platform, and in some cases collect information directly, for example as explained in Payment Processing above. Below is an illustrative list of functions for which we may use third-party service providers:
Hosting and content delivery network services
Lead generation partners
Marketing and social media partners
Customer support services
Hosting and content delivery network services
Functionality and debugging services
Professional service providers, such as auditors, lawyers, consultants, accountants and insurers
As we continue to grow, we may purchase websites, applications, subsidiaries, other businesses or business units. Alternatively, we may sell businesses or business units, merge with other entities and/or sell assets or stock, in some cases as part of a reorganization or liquidation in bankruptcy. In order to evaluate or as part of these transactions, we may transfer your personal information to a successor entity upon a merger, consolidation or other corporate reorganization in which StreamWork participates, or to a purchaser or acquirer of all or a portion of StreamWork’s assets, bankruptcy included.
We share aggregated, automatically-collected or otherwise non-personal information with third parties for various purposes, including (i) compliance with reporting obligations; (ii) for business or marketing purposes; (iii) to assist us and other parties in understanding our users’ interests, habits and usage patterns for certain programs, content, services, marketing and/or functionality available through the Platform. We do not share personal information about you in this case.
Legal Obligations and Security
If we are required to disclose personal information by law, such as pursuant to a subpoena, warrant or other judicial or administrative order, our policy is to respond to requests that are properly issued by law enforcement within the United States or via mutual legal assistance mechanism (such as a treaty). However, if we receive information that provides us with a good faith belief that there is an exigent emergency involving the danger of death or serious physical injury to a person, we may provide information to law enforcement trying to prevent or mitigate the danger (if we have it), to be determined on a case-by-case basis.
Advertising & Marketing
Information We Use for Advertising and Marketing
We advertise our Platform by targeting (and measuring the performance of) ads to Site Visitors, Customers on other websites and platforms directly or through a variety of partners, including third party advertisers, ad server companies, social networks and ad networks (collectively, “External Ad Partners”). In order to advertise our Services, we or our External Ad Partners use the following information, whether separately or combined:
Device Information and Location Information collected via cookies and similar technologies on our Site
Information provided directly by Customers or individuals who reach out to us directly
Usage Information from your use of the Platform
Information from External Ad Partners
Information inferred the categories of information described above.
When we serve ads based on the foregoing information, it is referred to as “targeted advertising” because External Ad Partners track your activity on and off the Site in order to deliver targeted advertising based on your activity, such as one of your visits to the Site. In addition, as noted above, the information that External Ad Partners collect from our Services may be combined with other information from other sources and be used to build profiles on you and other individuals for the purposes of delivering targeted advertising.
In addition to advertising our Services, we use Customer data and content to market our Services, promote additional features or encourage Customers to share our Platform.
For more information about interest-based advertising, please visit the Network Advertising Initiative website and/or the Digital Advertising Alliance (“DAA”) Self-Regulatory Program for Online Behavioral Advertising website. To learn more about interest-based advertising and to opt-out of this type of advertising by third parties that participate in the DAA’s AppChoices tool, please use this link. Please note that any opt-out choice you exercise through these programs will apply to interest-based advertising by the third parties you select, but will still allow the collection of data for other purposes, including research, analytics, and internal operations. You may also continue to receive advertising, but that advertising may be less relevant to your interests. You may have more options depending on your mobile device and operating system. For example, most device operating systems (e.g., iOS for Apple phones, Android for Android devices) provide their own instructions on how to limit or prevent the delivery of tailored in-application advertisements. You may review the support materials and/or the privacy settings for the respective operating systems to learn more about these features and how they apply to tailored in-app advertisements.
Please visit our Cookie Notice for more information on the types of cookies that are used by us and our External Ad Partners within the Services, as well as information on your choices and how to opt -out.
For users in the EEA and U.K., we provide opt-in mechanisms with respect to non-essential cookies.
Links to Third Party Sites
“Do Not Track”
StreamWork does not respond to Do Not Track (“DNT”) browser signals. For more information on DNT settings generally, please visit https://allaboutdnt.com.
How to Change Your Communication Preferences
To keep your information accurate, current, and complete, please contact us as specified below. We will take reasonable steps to update any information in our possession that you have previously submitted via the Platform. Note that you may also manage your communications preferences and the receipt of any commercial communication by clicking the “unsubscribe” link included at the bottom of all emails from StreamWork. You may also adjust your preferences through your account settings if you have a StreamWork account, or send an email to firstname.lastname@example.org.
You have choices about how to protect and limit the collection, use, and sharing of information about you. Note that in order to protect your privacy and security, we will also take reasonable steps to verify your identity before granting you access or enabling you to make corrections or delete your information.
Accessing and Changing Your Information
You can access and change certain information through the Platform if you are a Customer, or by contacting us as email@example.com.
Most web browsers are set to accept cookies by default. If you prefer, you can usually choose to set your browser to remove or reject first and third-party cookies. Please note that if you choose to remove or reject cookies, this could affect the availability and functionality of our Services. For more information on controlling how cookies and similar technologies are used on the Site, see our Cookie Notice.
For users in the EEA and U.K., we provide opt-in mechanisms with respect to non-essential cookies. If you opt-in and subsequently change your mind, you may withdraw your consent at any time.
Controlling Advertising and Analytics
Some analytics providers we partner with may provide specific opt-out mechanisms. For example, you may manage the use and collection of certain information by Google Analytics via the Google Analytics Opt-out Browser Add-on.
As explained here, you may also generally opt-out of receiving personalized advertisements from certain third-party advertisers and ad networks. To learn more about these advertisements or to opt-out, please visit the sites of the Digital Advertising Alliance and the Network Advertising Initiative, or if you are a user in the European Economic Area, Your Online Choices.
For users in the EEA and U.K., we provide opt-in mechanisms with respect to non-essential cookies. If you opt-in and subsequently change your mind, you may withdraw your consent at any time.
Controlling Promotional Communications
You may opt-out of receiving some or all categories of promotional communications from StreamWork by following the instructions/link contained in those communications or, if you are a Customer, by updating your email options in your account preferences. If you opt-out of promotional communications, we may still send you non-promotional communications, such as information about your account and/or transactions, or your use of the Services.
How Long Do We Keep Your Personal information?
General Retention Periods
We use the following criteria to determine our retention periods: the amount, nature and sensitivity of your information, the reasons for which we collect and process your personal data, the length of time we have an ongoing relationship with you and provide you with access to our Platform, and applicable legal requirements. We will retain personal information we collect from you where we have an ongoing legitimate business need to do so (for example, to comply with applicable legal, tax or accounting requirements). Additionally, we cannot delete information when it is needed for the establishment, exercise or defense of legal claims (also known as a “litigation hold”). In this case, the information must be retained as long as needed for exercising respective potential legal claims.
When we have no ongoing legitimate business need to process your personal information, we will either delete or anonymize it or, if this is not possible (for example, because your personal information has been stored in backup archives), we will securely store your personal information and isolate it from any further processing until deletion is possible.
For any questions about data retention, please contact firstname.lastname@example.org.
In some instances, we may choose to anonymize your personal data instead of deleting it, for statistical use, for instance. When we choose to anonymize, we make sure that there is no way that the personal data can be linked back to you or any specific user.
Data Security and Integrity
We take steps that are reasonably necessary to securely provide our Platform. We have put in place reasonably appropriate security measures designed to prevent your personal data from being accidentally lost, used or accessed in an unauthorized way, altered or disclosed. We limit access to personal data only to those employees, agents, contractors and the third parties who have a business need-to-know.
We also have procedures in place to deal with any suspected data security breach. If required, we will notify you and any applicable regulator of a suspected data security breach. We also require those parties to whom we transfer your personal information to provide acceptable standards of security.
Notwithstanding, no Internet or email transmission is ever fully secure or error free. In particular, email sent to or from the Platform may not be secure. Therefore, take special care in deciding what information you send to us via email. For any questions about the security of your information, please contact email@example.com.
Notice to Nevada Consumers
We do not sell your personal information within the scope of, and according to the defined meaning of, a “sale” under NRS 603A.
We are located in the United States, and the personal information that we collect is stored on servers located in the United States. This means that your personal information will be collected, processed and stored in the United States, which may have data protection laws that are different from (and sometimes less protective than) the laws of your country or region, such as the GDPR.
Additional Information for Users in the EEA and the U.K.
If you are in the EEA or the U.K., please read this section for more information.
Staying In Control of Your Information: Your Rights
If you are in the EEA or the U.K., you have certain rights in relation to your personal data:
The right of access – your right to request a copy of the personal data we hold about you (also known as a ‘data subject access request’);
The right to rectification – your right to request that we correct personal data about you if it is incomplete or inaccurate (though we generally recommend first making any changes in your account settings);
The right to erasure (also known as the ‘right to be forgotten’) – under certain circumstances, you may ask us to delete the personal data we have about you (unless it remains necessary for us to continue processing your personal data for a legitimate business need or to comply with a legal obligation as permitted under the GDPR, in which case we will inform you). Note that your data may be deleted by clicking here;
The right to restrict processing – your right, under certain circumstances, to ask us to suspend our processing of your personal data;
The right to data portability – your right to ask us for a copy of your personal data in a common format (for example, a .csv file);
The right to object – your right to object to us processing your personal data (for example, if you object to us processing your data for direct marketing); Rights in relation to automated decision-making and profiling – our obligation to be transparent about any profiling we do, or any automated decision-making; and
The right to lodge a complaint at any time to the supervisory authority for data protection issues in your country of residence – however, we ask that you please contact us first so that we can first address your concerns.
These rights are subject to certain rules around when you can exercise them.
If you are located in the EEA or the U.K. and wish to exercise any of the rights set out above, you may contact us at firstname.lastname@example.org. You will not have to pay a fee to access your personal data (or to exercise any of the other rights) unless your request is clearly unfounded, repetitive or excessive. Alternatively, we may refuse to comply with your request under those circumstances.
We may need to request specific information from you to help us confirm your identity. This is a security measure to ensure that personal data is not disclosed to any person who has no right to receive it. If we cannot reasonably verify your identity, we will not be able to comply with your request(s).
We will respond to all legitimate requests within one month. Occasionally it may take us longer than a month if your request is particularly complex or you have made a number of requests. In this case, we will notify you and keep you updated as required by law.
More information as regards our legal relationship with some of those social media platforms is available here for users in the EEA and the U.K..