At Stremio (“Stremio”, “we”, “us” or “our”) we take your privacy and the security of your information very seriously.
Stremio is owned by Smart Code Ltd., Bulgaria. We are a legal person, which, alone or jointly with others, determines the purposes and means of the processing of personal data – controller.
If you have any questions regarding this Policy please contact us at [email protected]
The Policy describes the types of information we gather from Service Users, including people using our Services and from individual users (“you” or “users”) interacting with the Services, and how we use, transfer, and secure such information. By using any of the Services, you agree to be bound by this Policy. This Policy does not govern information we receive from third parties who are not Service Users. If you do not agree to the terms of this Policy, please do not use any of our Services. Each time you use our Services, the current version of this Policy will apply. Accordingly, when you use any of our Services, you should check the date of this Policy (which appears at the bottom) and review any changes since you last reviewed the Policy.
- ‘controller’ means the natural or legal person, public authority, agency or other body which, alone or jointly with others, determines the purposes and means of the processing of personal data;
- ‘personal data’ means any information relating to an identified or identifiable natural person (‘data subject’); an identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person;
- ‘processing’ means any operation or set of operations which is performed on personal data or on sets of personal data, whether or not by automated means, such as collection, recording, organisation, structuring, storage, adaptation or alteration, retrieval, consultation, use, disclosure by transmission, dissemination or otherwise making available, alignment or combination, restriction, erasure or destruction;
- ‘processor’ means a natural or legal person, public authority, agency or other body which processes personal data on behalf of the controller;
- ‘recipient’ means a natural or legal person, public authority, agency or another body, to which the personal data is disclosed, whether a third party or not. However, public authorities which may receive personal data in the framework of a particular inquiry in accordance with Union or Member State law shall not be regarded as recipients; the processing of those data by those public authorities shall be in compliance with the applicable data protection rules according to the purposes of the processing;
- ‘third party’ means a natural or legal person, public authority, agency or body other than the data subject, controller, processor and persons who, under the direct authority of the controller or processor, are authorised to process personal data;
- ‘consent’ of the data subject means any freely given, specific, informed and unambiguous indication of the data subject's wishes by which he or she, by a statement or by a clear affirmative action, signifies agreement to the processing of personal data relating to him or her;
- ‘personal data breach’ means a breach of security leading to the accidental or unlawful destruction, loss, alteration, unauthorised disclosure of, or access to, personal data transmitted, stored or otherwise processed;
III. Types of Data We Collect
Stremio may collect two types of data from users of our Services: “Data provided by you” which is information used in order to create an account, and “Additional data we receive about you” which is data that is generated from using our Services, which data we store and process.
Data provided by you:
- Stremio collects data you voluntarily provide to us in order to use our Services, including our Site, Platform and App. You provide us with your email address and password to create an account. These are all stored in order to create your account and provide you with the necessary access. Your email is used for account recovery purposes as well as for contacting support. Your username is your email address. Your password is stored in a secure, cryptographically hashed state.
Additional data we receive about you:
Additional data may be collected when you use our Services independent of any information you voluntarily enter.
When you use our Services, some data is automatically collected. Such data could include your computer's Internet Protocol (“IP”) address, operating system, type and language, device identifier numbers, and the time and date of your use.
- Data related to your use of the mobile applications:
Our mobile applications may automatically collect certain Additional data related to your use of the mobile application. Such data may include the date and time of your visit, the phone network associated with your mobile device, your mobile device’s operating system or platform, the type of mobile device you use, your mobile device’s unique device ID and the features of our mobile application you accessed.
- Data collected by Third Parties:
We may obtain information from other sources. For example, when you use your account through a social network such as Facebook and their Facebook Login feature, we will obtain access to certain information including your name and email in accordance with the authorization procedures determined by said source. Other similar sources may include Google Play Store and iTunes Store.
We use our own internal and third party solutions to gather and aggregate analytical data in order to improve the performance, marketing efforts and quality of our services. The main third party solutions which are in use include Google Analytics and BigQuery. All of the third party solutions we use adhere to the latest data protection laws and best practices.
IV. Legal basis for processing the data
- You agree and give your explicit consent to the Company so that the latter can request, collect, use, administrate and operate User’s personal data for the purpose of providing our services in accordance to Company’s policies and Company’s applicable laws and regulations. We collect, process, transfer and store personal data solely in connection to your consent and to the legitimate interest arising from the relationship between the User as a client and us.
- In case We intend to use Your personal data for a purpose other than the initial one you have agreed to, We shall provide the data subjects with information prior to the actions and We shall not use the data without Your explicit consent, regarding the new purpose.
V. Purposes for data collection
Your data is collected in order to:
- Provide our service to you.
- Optimize our marketing efforts.
- Provide and deliver services that you request.
- Send you information about new services.
- Monitor the usage of our services and analyze emerging trends.
- With your consent, provide you with personalized ads if the service supports them.
- To protect your vital interests and those of others.
VI. Your rights
You have the right to:
- Request from us access to the personal data that we hold about you in a portable format.
- Request from us correction of any collected personal data. The information may include only the subject of your personal data collection.
- Receive a copy of your personal data in electronic format.
- “The right to be forgotten”- you have the right to request the deletion of your personal data at any time where the retention of such data infringes relevant legislation.
- Receive information from Us about Our activities in connection to your personal data, including the purposes of collection and storage, the period of time for storage, the methods of collecting, the presence of automated processing.
- Delete your account at any time.
- You have the right to lodge a complaint with a supervisory authority, in particular in the Member State of your habitual residence, place of work or place of the alleged infringement if you considers that there is personal data breach.
VII. How can you exercise your rights?
To exercise your rights you can always contact by sending mail at [email protected] to our Data Protection Officer (DPO).
For managing your account information, you can use the profile settings feature in our services.
VIII. Sharing of Personal Information with Third Parties
- We may transfer Personal Information to third parties for providing the Services. We may disclose Personal Information to our appropriate affiliates, including third party service providers, to provide you with the Services. For example, we may transfer your Personal Information to third party service providers to communicate with third party services regarding requests you have made through the Services. These third party service providers are not authorized to retain, share, store or use the Personal Information for any purposes other than to provide the services they have been hired to provide. We do not sell trade or otherwise share Personal Information with third parties for the marketing purposes of the third party.
- We may elect to transfer your Personal Information to third parties under special circumstances to: (i) to comply with a legal requirement, judicial proceeding, court order, or legal process served on Stremio or its affiliates, (ii) to investigate a possible crime, such as fraud or identity theft; (iii) in connection with the sale, purchase, merger, reorganization, liquidation or dissolution of Stremio; (iv) when we believe it is necessary to protect the rights, property, or safety of Stremio or other persons, or (v) as otherwise required or permitted by law, including any contractual obligations of Stremio.
IX. Children and Privacy
- Our Services are not directed towards children, and you may not use them if you are under the age of 16.
- For children under 16, data processing is lawful if the child’s parent or guardian gives consent.
Х. Third party partners
XI. Time period for personal data storage
We retain your data for as long as your account is active or is needed for providing you with our services. We may also retain this data after your account is deactivated for a period of up to 3 years.
We may hold on to your data for extended periods of time in order to comply with laws, legal requests, governmental investigations, or investigations of possible violations of our terms and policies, or otherwise prevent harm.
XIII. Breach measures
In case of personal data breach, We will undertake every possible action in an appropriate and timely manner, to avoid any material or non-material damage to the data subjects. Breaches in the security may include identity theft, identity fraud, limitation of rights, unauthorised access to your account, loss of confidentiality of personal data, etc. As soon as the controller becomes aware of the breach, Users and the competent authorities will be notified immediately. You may be asked to follow certain instructions for prevention of breaches including but not limited to password or username change.
XIV. How Do I contact Stremio?
To contact us with your questions or comments regarding this Policy or the information collection and dissemination practices of Stremio relevant to your use of the Services, please email us at [email protected]
Last updated: May 22, 2018