GDPR Privacy Notice

 
  1. DEFINITIONS

GDPR” or „Regulation” means REGULATION (EU) 2016/679 OF THE EUROPEAN PARLIAMENT AND OF THE COUNCIL of 27 April 2016 on the protection of individuals concerning the processing of personal data and on the free movement of such data and repealing Directive 95/46/EC (General Data Protection Regulation).

team on the run (TOTR)“, is a STREAMWIDE’s product, a comprehensive business communication solution that allows instant connection between remote teams and offers a fully customizable solution, tailored to the size and needs of any organization.

team on mission (TOM)”, is a solution that addresses the challenges of the demanding public safety environment – voice, data, video, interoperability, and location services, all bundled in one solution in real-time.

Data subject” represents any identified or identifiable natural person whose data is processed by STREAMWIDE, such as customers, potential customers, or visitors on the website.

Consent” means any manifestation of the data subject of the free will, specific, informed, and unambiguous by which he or she consents, by an unequivocal statement or action, to the processing of personal data concerning him or her.

„Personal data” means any information concerning an identified or identifiable natural person (”data subject”).

An identifiable natural person is a person who can be identified, directly or indirectly, by an identifying element, such as name, an identification number, location data, an online identifier, or one or more many specific elements, specific to his physical, physiological, genetic, mental, economic, cultural, or social identity.

The other terms used in this document have the meaning provided by GDPR and other applicable laws.

  1. INTRODUCTION

STREAMWIDE & STREAMWIDE S.A. (named STREAMWIDE), is a global company with offices across the globe in France (HQ), Romania, Tunisia, America, and China. STREAMWIDE is a communications software technology provider, delivering mission-critical communications and operations solutions. The products offered range from real-time voice and data solutions to geolocation services and digital transformation of operational processes.

The information is presented in this document, as the “Privacy Policy” and is applied under article 3 of European Regulation 2016/679 which refers to territorial applicability.

STREAMWIDE recommends that the Privacy Policy content be read in conjunction with the Terms and Conditions. In the event of a conflict or inconsistency between the terms of this Privacy Policy and any other clauses in the Terms and Conditions, the terms of this Privacy Policy shall prevail.

The purpose of this Privacy Policy is for the company to explain what categories of data are processed (collected, used, shared), why is processed, how is processed, to inform about the rights provided by GDPR and how they can be exercised.

STREAMWIDE is doing its best to store data subject’s data securely and to process it under the legislation of personal data protection.

STREAMWIDE is not disclosing information to third parties without informing data subjects following the legal provisions and is not making exclusively automated decisions, without any human involvement that has a significant impact on them.

By visiting the website, purchasing STREAMWIDE’s products, interacting with the company by any means or through any communication channel (e-mail, telephone, social networks),  the data subjects, agrees to this Privacy Policy.

If data subjects do not agree with the content described in this Privacy Policy, they cannot use or continue to use STREAMWIDE’s services and products.

  1. WHO WE ARE

STREAMWIDE S.A., a French company with head office in 84 rue d’Hauteville 75010 Paris France, RCS Paris 434188660, Tel.: +33 1.70.22 01 01, VAT: FR37434188660, e-mail: info@streamwide.com, is responsible for the processing of personal data collected directly from data subjects or other sources. 

For personal data to be processed securely, STREAMWIDE has made all the efforts to implement reasonable and adequate, technical, and organizational measures.

  1. INDIVIDUAL’s QUALITY RELATED TO STREAMWIDE

According to GDPR legislation, the individual, the beneficiary of STREAMWIDE’s products, the representative or the contact person of a legal entity as our customer or our potential customer, the website visitor or a natural person in any kind of relationship is having with STREAMWIDE, is a “data subject” meaning an identified or identifiable natural person.

To be completely transparent about data processing operations, STREAMWIDE has implemented measures that facilitate any time the exercise of data subject’s rights. For more details, see Section 6.

  1. STREAMWIDE’s COMMITMENT

The protection of the data subject’s personal information is very important to STREAMWIDE. Therefore, STREAMWIDE is committed and complies with legislation on the protection of personal data, in particular, Regulation (EU) 679/2016, also known as the GDPR, and the following principles:

  • Legality, fairness, and transparency

STREAMWIDE processes data subject information correctly and under legal requirements from any field. STREAMWIDE is transparent about the information is using, and data subjects are properly informed.

  • Data subjects are having control

 Within the limits of the law, STREAMWIDE offers to data subjects the opportunity to examine, modify, delete the personal data they have shared with STREAMWIDE and to exercise their other rights. For more information,                    see Section 7..

  • Data integrity and purpose limitation

STREAMWIDE is using personal data only for the purposes described at the time of collection or for new purposes compatible with the original ones.

STREAMWIDE ensures that personal data is accurate, complete, and updated.

  • Security

STREAMWIDE has implemented reasonable security measures for the processing of all personal data..

  1. INFORMATION. PURPOSES. LEGAL GROUNDS

When data subjects are browsing on STREAMWIDE’s website, when they are sending a request by e-mail or when they are contacting the company for any other purpose and by any communication channel, they may communicate the following personal data, which are collected directly from them or other sources, as explained below.

Personal data processed

            Purpose/purposes

            Legal Grounds

·       Name,

·       Address

 

  • Other users may contact data subjects through the use of the Application
  • For billing
  • To be legally compliant
  • To prevent fraud and other crimes
  • For direct marketing (only if we have data subjects prior consent).
  • Concluding or executing a contract – Art. 6 (1) b GDPR.
  • Legal obligation – Art. 6 (1) c GDPR.
  • Legitimate interestArt. 6 (1) f) GDPR.
  • Consent – Art. 6 (1) a) – (only for direct marketing).

·       E-mail

  • For billing
  • To be legally compliant
  • To prevent fraud and other crimes
  • For direct marketing (only if we have data subjects prior consent)
  • Legal obligation – Art. 6 (1) c GDPR.

 

  • Legitimate interestArt. 6 (1) f) GDPR.
  • Consent – Art. 6 (1) a) – (only for direct marketing).

·       IP address

  • To defend ourselves against cyber attacks
  • To prevent fraud
  • For network functioning
  • Legitimate interest – Art. 6 (1) f) GDPR

·       E-mail address,      language, country or location

  • Articles, events, newsletters, communications
  • Consent – Art. 6 (1) a) – (only for direct marketing).

·       Legitimate interest – Art. 6 (1) f) GDPR

·       Phone number

  • To operate, maintain, and provide clients the features and functionality of the application (team on the run)
  • Concluding or executing a contract – Art. 6 (1) b GDPR.

·       Passwords

  • Whenever we have given you (or where you have chosen) a password that enables you to access parts of the Application
  • Concluding or executing a contract – Art. 6 (1) b GDPR.

*Although we have made all the efforts to identify all processed personal data and purposes of the processing, the above table is not exhaustive.

 

6.1. ADDITIONAL INFORMATION

STREAMWIDE is collecting most of the information directly from data subjects (for example, by filling out a form on the website, and/or the TOM and TOTR applications), but also there may be situations where the company collects data from third parties (i.e. partners, platforms).

In addition to the information indicated above, we may also collect the following information, depending on the circumstances:

  • How you interact with STREAMWIDE’s website (for example, information about how and when you access the website or what device you use to access the website);
  • Information provided when filling out forms or questionnaires;
  • The content of messages sent through e-mail and messaging systems;
  • To alert you about product upgrades, special offers, updated information, and other new services from STREAMWIDE;
  • By downloading the Application, the clients will be registered as a team on the run User/Team on Mission (“User”). This means that if clients mobile phone number is stored in the mobile address book or contact list on another User’s mobile device, they may be informed that you are also a User;
  • Returned messages as undeliverable may be retained on the company’s servers for a period of up to 30 days (or 7 days where they have a multimedia attachment) for the User to attempt to resend. Following the 30 or 7 day period (as applicable), or where the undeliverable message is successfully redelivered, STREAMWIDE will delete the undeliverable message from its servers;
  • If Webchat function is utilized and application is hosted by team on the run;
  • STREAMWIDE may copy, store, or archive the contents of messages where it hosts the operation of the service at its location. If this is the case it will be responsible for the copying, storage, and archiving of user’s data on its servers.
  • Device Information: STREAMWIDE may collect information about the User’s mobile device, or any computer that may use to download or stream a copy of the Application on his mobile device, including, where available, the mobile device’s or computer’s unique device identifiers, operating system, browser type, and mobile network information as well as the device’s telephone number, for system administration;
  • Location Information: Users may voluntarily share their location with other Users via the Application, and if the Geolocation feature is utilized by your Account Holder, your location may be tracked if enabled on your device;
  • Log information: When you use the Application, we may automatically collect and process certain information in server logs, including but not limited to internet protocol (IP) addresses, internet service provider (ISP), clickstream data, browser type and language, viewed and exit pages and date or time stamps;
  • Cookies: Our Application may use cookies to distinguish you from other Application users. This helps us to improve the quality and design of the Application and to create new features, promotions, functionality, and services by storing, tracking, and analyzing User preferences and trends. More information about cookies is provided by the Cookie Policy on the Site.

6.1.1. WHAT HAPPENS IF DATA SUBJECTS DON’T PROVIDE PERSONAL DATA

When STREAMWIDE asks data subjects to fill in their information to give them access to certain functionalities or services of the website and applications, will mark some fields as mandatory, because the information is necessary to provide their access to that functionality or services of the website and applications.  

6.2.   ADDITIONAL PURPOSES

STREAMWIDE is also processing personal data for the following purposes:

  • For answering to data subject questions (as Users) and requests, and provide them with customer support;
  • For marketing purposes, but only if STREAMWIDE is having data subjects prior consent, or when there is a legal exception for obtaining consent;
  • For providing and improving STREAMWIDE’s products;
  • For diagnose or remedy of technical problems;
  • For defending ourselves against cyber attacks;
  • For being legally compliant;
  • For subscribing to STREAMWIDE’s newsletter:

https://www.STREAMWIDE.com/en/newsletter;

  • For requesting information from STREAMWIDE (regarding a product, partnership etc.): https://www.STREAMWIDE.com/en/contact
  • In the unlikely event of a dispute, for finding or claiming a right in court.

6.3.     OTHER INFORMATION ABOUT LEGAL GROUNDS

(a) Legitimate interest. If STREAMWIDE uses the legitimate interest, then must perform a legitimate interest analysis (balancing test) through which it can balance its interest and data subject’s interests. If STREAMWIDE’s interests prevail, then it will use the legitimate interest. If the data subject’s interests prevail, then STREAMWIDE will not use the legitimate interest, and to the extent, fail to identify another correct legal basis, STREAMWIDE will not perform that processing activity.

(b) Consent. Obtaining consent is not mandatory, and STREAMWIDE obtains consent from data subjects only in situations where it fails to use another legal basis, like the performance of a contract or taking steps before concluding a contract, compliance with a legal obligation, protection of vital interest, the public interest of official authority and legitimate interest.

(c) Vital interest. In the unlikely event of a medical emergency or another exceptional event, processing may be necessary to protect the vital interests of you or another individual.

  1.  DATA SUBJECTS RIGHTS

Data subjects’ rights, under the GDPR Regulation, are as follows and they can be exercised by sending a written, signed, and dated request to the e-mail address: dpo@streamwide.com

(a) The right to be informed about data processing;

(b) The right to have access. The data subjects have the right to obtain from the company a confirmation that personal data concerning them are processed or not and, if so, access to the respective data and the information provided by article 15 (1) of the GDPR;

(c) The right to rectify inaccurate or incomplete data. The data subjects have the right to obtain from STREAMWIDE, without undue delay, the rectification of inaccurate personal data concerning them;

(d) The right to be deleted (“the right to be forgotten” – which is not an absolute right). In the situations provided in article 17 of the GDPR, data subjects have the right to request and obtain the deletion of their data;

(e) The right to restrict processing. In the situations provided in article 18 of the GDPR, data subjects have the right to request and obtain the restriction of processing;

(f ) The right to transmit the data that STREAMWIDE has, about the data subjects, to another controller (“the right to portability”);

( g) Data subjects right to oppose the data processing, in the cases provided in art. 21 of the GDPR;

( h) The right not to be subject to a decision based exclusively on automatic processing, including the creation of profiles with legal effects or similar significant effects on data subjects;

( i) The right to go to court for the protection of data subjects’ rights and interests;

( j) The right of a complaint to a Supervisory Authority.

The rights listed above are not absolute. There are exceptions, each request will be analyzed so that STREAMWIDE can decide whether it is justified or not. To the extent that the request is substantiated, STREAMWIDE will facilitate the data subject’s exercise of their rights. If the request is unfounded, it will reject it, but the data subject will be informed about the reasons for the refusal and of the rights to lodge a complaint with the competent Supervisory Authority and to go to court.

STREAMWIDE is trying to respond to the request within a month. However, the time limit may be extended depending on various aspects, such as the complexity of the request, the large number of received requests, or the inability to identify the data subject on time.

If the company fails to identify the data subject and it does not provide additional information to be identified, the company is not obliged to comply with the request.

  1. DATA SECURITY

STREAMWIDE understands the importance of the security of personal data and takes the necessary measures to protect customers and other persons whose data they process, from unauthorized access to personal data, as well as from unauthorized modification, disclosure, or destruction of data processed in the current activity.

STREAMWIDE has implemented the following technical and organizational measures for the security of personal data:

(a) Dedicated policies. STREAMWIDE adopts and constantly reviews internal practices and policies for the processing of personal data (including physical and electronic security measures), to protect systems from unauthorized access or other possible threats to their security. These policies are subject to constant control to ensure compliance with legal requirements and to ensure that the systems work properly.

(b) Data minimization. STREAMWIDE ensures that the personal data it processes is limited to what is necessary, are appropriate, and relevant for the purposes provided in this Policy.

(c) Restricting access to data. STREAMWIDE seeks to restrict to the minimum necessary access to the personal data it processes through: employees, collaborators, and other people who need to access data to process it and perform a service. The company’s staff, partners, and collaborators are subject to strict confidentiality obligations, either by contract or legally.

(d) Specific technical measures. STREAMWIDE uses technologies that ensure customer security, always trying to implement the best solutions for data protection.

The company also makes regular back-ups to recover data in the event of an incident, secure the passwords, and has implemented periodic audit procedures regarding the security of the equipment is using. However, no website, no application, and no internet connection are completely secure and untouchable.

(e) Ensuring data accuracy. STREAMWIDE may sometimes require data subjects to confirm the accuracy of personal data or to update personal data to ensure they reflect reality.

(f) Staff training. STREAMWIDE constantly trains employees and collaborators on legislation and best practices in the field of personal data processing.

(g) Data pseudonymization. STREAMWIDE pseudonymizes the personal data it processes as one of the most effective data protection measures;

(h) Encryption. STREAMWIDE has encrypted e-mail, servers, messages and files, voice and videos, user credentials on the server-side;

(i) Mobile security. STREAMWIDE has implemented Mobile App Secure Device Monitoring, Mobile App Advanced Threat Protection, Mobile application integrity checks, Secured user credentials, Mobile confining user data, Revoke user credentials, Block or remove user access to service, Data wipe out by admin, Application registration via one-time password.

However, certain features of the team on the run application may involve making user’s information publicly available. When using these features, users should ensure that they do not submit any personal data that they do not want to be seen, collected, or used by other users of the Application.

  1. STORAGE PERIOD

Unless the law specifies a different retention period, STREAMWIDE stores data subjects’ personal data only for the time necessary to fulfill the purposes.  After the end of the storage period, personal data will be destroyed or deleted from computer systems and any other evidence.

  1. DATA TRANSFERS

10.1.  EXTERNAL DISCLOSURE OF INFORMATION

In general, we keep personal data of European citizens in our locations in France and Romania.

If STREAMWIDE transfers your personal data to a country other than the EEA, will ensure that your data is properly protected.

We will ensure that there is an appropriate agreement on the transfer of data, following the standard contractual clauses approved by the Commission European (https://ec.europa.eu/info/law/law-topic/data-protection/data-transfers-outside-eu/model-contracts-transfer-personal-data-third-countries_en).

Also, if it is considered that there are no laws in the country that are equivalent to EU data protection standards, STREAMWIDE will request the third party to conclude an agreement that will reflect these standards. If the transfer is not based on such an agreement, we will ensure that the transfer has always based on another mechanism provided by law to ensure the protection of your personal data.

  1. DIRECT MARKETING

Currently, the company sends commercial e-mail messages (e-mail marketing) to the users in STREAMWIDE’s database, as a result of the interactions with our customers, potential customers, partners, users, or in any other context in which one of the above provided their data to our company representatives, or fill in the online contact form in our website.

11.1.     HOW TO UNSUBSCRIBE FROM DIRECT MARKETING CAMPAIGNS?

The data subjects may oppose direct marketing and/or may withdraw their consent at any time by following the unsubscribe instructions on the website.

  1. OTHER SERVICES

The Privacy Policy does not cover applications and sites of other third parties that data subjects may access by using the links on STREAMWIDE’s website which are beyond STREAMWIDE’s control. STREAMWIDE encourages data subjects to review the Privacy Policy on any website and/or application they enter before providing personal data.

  1. CHANGES

STREAMWIDE may change this Privacy Policy at any time. All updates and changes to this Privacy Policy are immediately available on the website.

  1. QUESTIONS, REQUESTS, AND EXERCISE OF RIGHTS

For questions or concerns regarding confidentiality, processing of personal data, and the exercise of legal rights, you can contact us at the e-mail address: dpo@streamwide.com

Last update: 26.02.2021