Stream Financial Technology Corporation

Effective Date: August 16th, 2024

Stream Financial Technology Corporation ("we," "our," "us") values and respects the privacy of our customers, partners, and users. This Privacy Policy is designed to inform you, as a user of our services, about the collection, use, disclosure, and protection of your personal data. By accessing or using any services provided by Stream Financial Technology Corporation, including but not limited to the streamOS Contract2Cash platform and the B2B Marketplace (collectively, the “Services”), you consent to the data practices described in this Privacy Policy.

This Privacy Policy is intended to comply with applicable data protection laws, including, where applicable, the General Data Protection Regulation (GDPR) and the California Consumer Privacy Act (CCPA).

1. Definitions

For the purposes of this Privacy Policy:

  • "Personal Data" refers to any information that relates to an identified or identifiable individual, including but not limited to names, contact information, billing details, and other information as defined by applicable data protection laws.
  • "Processing" refers to any operation performed on personal data, including collection, storage, use, disclosure, and deletion.
  • "Data Controller" refers to the entity that determines the purposes and means of processing personal data.

2. Information We Collect

We may collect and process the following categories of data in connection with your use of our Services:

  • Customer and Contract Data: Information about your customers, including but not limited to names, credit information, invoices, contractual terms, account details, and product data that you provide or that is automatically synced through integrations with third-party systems (such as accounting and CRM platforms).
  • Business and Financial Information: This includes data related to contractual terms, revenue metrics, payment information, reconciliation data, and other financial metrics stored or computed in real-time through the Services.
  • Personal Data of Individuals: When you engage with our Services, we may collect personally identifiable information about you or your employees, such as your name, business contact information (including email address, phone number), job title, and professional credentials.
  • Usage Data: We collect data related to your interactions with our Services, such as IP addresses, browser types, device information, referring URLs, access logs, and other usage statistics that may help us improve the functionality of our Services.

3. Methods of Data Collection

We collect data in several ways, including but not limited to the following:

  • Direct Collection: Personal Data may be collected directly from you when you voluntarily provide it, such as when you register for an account, submit inquiries, interact with customer service, or otherwise communicate with us.
  • Automated Technologies: We use cookies, web beacons, and other similar tracking technologies to collect information about how you interact with our Services.
  • Third-Party Integrations: We collect data from integrated systems such as accounting platforms and Customer Relationship Management (CRM) systems to facilitate data connectivity, financial workflows, and reconciliation. The nature of the data collected through these integrations is dictated by your configurations and the permissions granted to us.

4. Purposes for Processing Personal Data

We may process your Personal Data for the following legitimate business purposes:

  • To Provide the Services: To deliver, operate, maintain, and support our platform and its functionality, including real-time processing of revenue metrics, contractual terms, reconciliation of financial data, and related workflows.
  • To Improve the Services: To understand how users interact with our Services, to analyze usage patterns, and to improve the features, user experience, and functionality of our platform.
  • To Communicate with You: To respond to inquiries, provide support, send administrative updates, and communicate with you regarding product developments, service updates, and other information.
  • To Enforce Legal and Contractual Obligations: To comply with applicable legal obligations, contractual terms, and dispute resolution mechanisms, and to enforce our Terms of Service.
  • For Security Purposes: To protect the integrity of our systems and data, prevent fraud, unauthorized access, and security breaches, and ensure the safety of our customers' information.

5. Legal Basis for Processing (For GDPR-Compliant Regions)

Where the GDPR applies, we rely on the following legal grounds for processing your Personal Data:

  • Performance of a Contract: Processing is necessary to perform our contractual obligations, such as providing you with access to the Services.
  • Legitimate Interests: We may process your data based on our legitimate interests, provided that those interests are not overridden by your fundamental rights and freedoms. This includes improving the Services and ensuring their security.
  • Consent: Where applicable, we will rely on your consent to process your data, such as for certain types of marketing or data-sharing activities.

6. Disclosure of Data to Third Parties

We do not sell or rent Personal Data. However, we may disclose Personal Data to third parties under the following circumstances:

  • Service Providers: We may share Personal Data with third-party service providers that perform services on our behalf, including but not limited to cloud hosting providers, analytics services, and payment processors. These service providers are bound by contractual obligations to protect your data.
  • Legal and Regulatory Requirements: We may disclose Personal Data if required to comply with applicable laws, regulations, legal proceedings, or governmental requests, or to protect our rights, property, and safety.
  • Business Transactions: In the event of a merger, acquisition, reorganization, or sale of assets, your Personal Data may be transferred as part of such a transaction, subject to applicable confidentiality agreements.

7. Data Security

We implement appropriate technical and organizational measures to protect your Personal Data from unauthorized access, loss, destruction, or alteration. These measures include but are not limited to:

  • Encryption of sensitive information during transmission and storage.
  • Access controls, including multi-factor authentication, to restrict access to authorized personnel only.
  • Regular security audits and assessments to identify vulnerabilities and ensure ongoing protection.

However, please be aware that no data transmission or storage system can be guaranteed to be 100% secure.

8. Data Retention

We retain Personal Data for as long as necessary to fulfill the purposes for which it was collected, as outlined in this Privacy Policy, and as required or permitted by applicable law. Once we no longer have a legitimate business need to process your Personal Data, we will either delete, anonymize, or securely store it until deletion is possible.

9. Your Rights Under Data Protection Laws

Depending on your jurisdiction, you may have the following rights concerning your Personal Data:

  • Right to Access: You have the right to request access to the Personal Data we hold about you and obtain a copy of it in a structured, commonly used format.
  • Right to Rectification: You may request that we correct any inaccurate or incomplete information.
  • Right to Erasure ("Right to be Forgotten"): You may request the deletion of your Personal Data, subject to certain legal obligations.
  • Right to Restrict Processing: You may request that we limit the processing of your data under specific conditions.
  • Right to Object: You may object to certain types of processing, such as direct marketing.
  • Right to Data Portability: You have the right to request that your Personal Data be transferred to another controller in a machine-readable format.
  • Right to Withdraw Consent: If we are processing your data based on your consent, you may withdraw your consent at any time, which will not affect the lawfulness of processing prior to the withdrawal.

To exercise any of these rights, please contact us at [Insert Contact Information].

10. Cookies and Similar Technologies

We use cookies and similar tracking technologies to personalize your experience and gather information about the usage of our Services. You may manage cookie settings through your browser, but disabling cookies may affect your ability to access certain features of our platform.

11. Changes to This Privacy Policy

We reserve the right to modify or update this Privacy Policy at any time in response to changes in applicable laws or our business practices. Any changes will be posted on our website, and the "Effective Date" will be updated accordingly. We encourage you to review this policy periodically.

12. Contact Us

If you have any questions about this Privacy Policy, the handling of your Personal Data, or wish to exercise your privacy rights, please contact us:

Stream Financial Technology Corporation
Email: privacy@streamos.io