General Data Protection Regulation

What is it?
The GDPR is an EU Regulation to improve the protection of the personal data of EU citizens and increase the obligations of organisations who collect or process personal data. These new regulations take effect on the 25th of May 2018. The regulations greatly enhance the data privacy and security of our customers and extend to them exercisable rights enabling greater control over one's personally identifiable information.

The full specification of the GDPR rights and regulations can be found here .

How is Videolinq Streaming Services Inc. DBA The Streaming Store changing?
The Streaming Store functions as both a controller and processor of our customers' personally identifiable information (PII). Additionally, we employ a number of sub-processors to which we transmit data for storage or processing beyond feature sets under our immediate control.

As a controller of data, we store PII such as customer names, email addresses, physical addresses, IP addresses, phone numbers and avatars. We use a number of databases through GDPR compliant service providers to store sensitive customer data.

The Streaming Store is also a processor of customer data. We use customer data to compile legal documents, surface content, and facilitate investment-related matchmaking services. A number of sub-processors are leveraged by Uvision systems for purposes of financial transaction execution, internal analytics, and system monitoring.

We are both a data controller and data processor and we have several categories of measures to take in order to comply with the GDPR. The general categories are:
Auditing data collection and processing processes and protocols
Communicating our GDPR responsibility and accountability
Collecting explicit affirmative consent to control and process data from our customers
Implementing and communicating steps to exercise customer data access rights

Our GDPR compliance processes and procedures are as follows:
Auditing data collection and processing processes and protocols
We document the PII data we collect into data flows, data maps, and retention policies.
Our privacy policy includes how and why we handle personal data collected by Streamingstore.com.

Communicating our GDPR responsibility and accountability:
Our internal management structure is GDPR aware. We have appointed a Data Protection Officer who leads our GDPR compliance, security, and infrastructure initiatives. We have a technical security and infrastructure team focused on customer data security and regulatory changes. We have a detailed map of the personal data we collect and sub-processors we use. We have Data Processing Addendum contracts with the data processors with whom we share data. We have policies, internal talks, and training for GDPR and data security awareness as well as procedures for handling data breach incidents.

Collecting explicit affirmative consent to control and process customer data We require explicit affirmative consent at or after sign up before usage of The Streaming Store websites.

We inform customers of Privacy Policy updates, and we require explicit affirmative consent be recollected upon privacy policy changes.

System and marketing emails include unsubscribe utilities
Implementing and communicating steps to exercise customer data access rights. The GDPR guidelines require processors and controllers give easily executable rights to customers for accessing, updating, removing, cessation of processing, and delivery of their data.

The Streaming Store's customer service and engineering teams coordinate and execute customer data access right requests using the following protocol:

Engagement
A customer finds customer service contact instructions in our privacy policy and on The Streaming Store.com. A customer contacts the customer service team at sales@Streamingstore.com requesting to exercise one or more of their GDPR rights customer service authenticates the user's identity and acknowledges the request within 48 hours customer service attempts to resolve the issue themselves (or) customer service logs the details of the request in our backlog and notifies the Data Protection Officer

Escalation
The Data Protection Officer coordinates, defines, and prioritizes steps to resolve the data access request the Data Protection Officer tracks resolution lifecycle.

Resolution
The Streaming Store's customer service team contacts the requesting customer delivering applicable data packages, captures any further issues, and closes the support ticket.

We are operationally GDPR compliant ahead of the May 25th deadline. All the Streamingstore.com applications and services comply with the regulations and we're happy to see personal data privacy, ownership, and control come to the internet at-large. As a company, we are in full support of the regulation. These are very positive changes for the internet.