Privacy Policy

Stream Ventures, StreamDigital sp zoo & Snowcap financial ltd

This Privacy Policy explains how Stream Ventures Ltd, StreamDigital sp z.o.o and Snowcap Financial Ltd trading as Stream Money  (“we”, “us”, “our”) collects, uses, shares, and protects personal data when you use our websites, apps, products, platforms, and services (together, the “Services”), or otherwise interact with us (for example, at events or via email).

We process personal data in accordance with applicable data protection laws, including:

  • the UK GDPR (as it applies in the United Kingdom), and

  • the EU GDPR (Regulation (EU) 2016/679) (as it applies in the European Economic Area (“EEA”)).

Where UK GDPR and EU GDPR requirements diverge, we set out UK-specific and EEA-specific positions in the Jurisdiction Addenda at the end of this Policy.

1. Who we are

1.1 Trading name and group entities

Stream Money is a trading name used by the following companies (together, the “Stream Money Entities”):

Stream Ventures Ltd

  • Registered office: Flat 7 Grange House, 7 Grange Road, Gravesend, Kent DA11 0EB

  • Company number: 13560798

  • Primary operating jurisdiction(s): United Kingdom / Global

  • Contracting entity / services: Stream Ventures Ltd is the contracting entity for Technology Services.

StreamDigital sp. z o.o. (“StreamDigital Sp zoo”)

  • Registered office: ul. HOZA, nr 86, lok. 210, miejsc. Warsaw, kod 00-682, poczta Warsaw, Poland

  • Company number / registry ID: 0001089202

  • VASP registration number: RDWW-1191

  • Primary operating jurisdiction(s): European Union

  • Contracting entity / services: StreamDigital sp. z o.o. is the contracting entity for Digital Assets, OTC and related digital asset services.

Snowcap Financial Ltd

  • Registered office: 1285 West Broadway, Suite 600, Vancouver, British Columbia, Canada V6H 3X8

  • Company number: BC1484570

  • FINTRAC registration number: C100000166

  • Primary operating jurisdiction(s): Canada

  • Contracting entity / services: Snowcap Financial Ltd is the contracting entity for payment service provider services, foreign exchange, money remittance, and transfer of virtual assets.

1.2 Which entity is the “controller” for your personal data?

The Stream Money Entity that you contract with for the relevant Service (as described above and identified in your customer terms/onboarding journey) will generally be the data controller for the personal data processed in connection with that Service, unless we clearly state otherwise.

In some scenarios:

  • another Stream Money Entity may process personal data on behalf of the contracting entity as a processor (for example, providing operational, technology, support, security, or compliance services); and/or

  • two or more Stream Money Entities may act as joint controllers where they jointly determine the purposes and means of processing. Where joint controllership applies, we will make available the essence of the arrangement upon request (including how responsibilities are allocated).

1.3 UK supervisory authority and ICO registration (UK GDPR)

Where UK GDPR applies, the UK supervisory authority is the Information Commissioner’s Office (“ICO”).
Stream Ventures Ltd is registered with the ICO under registration number ZB980797.

1.4 Primary privacy contact address

For privacy queries, requests to exercise your rights, or complaints, you can contact our Privacy Team at:

Privacy Team – Stream Money
c/o Stream Ventures Ltd
Flat 7 Grange House, 7 Grange Road, Gravesend, Kent DA11 0EB
Email: privacy@stream.money
Data Protection Officer : dpo@stream.money 

 

2. Scope

This Policy applies to:

  • visitors to our websites and apps,

  • users who create accounts or use our Services,

  • individuals who contact us or receive communications from us (including marketing, where permitted),

  • business contacts (including supplier and partner contacts),

  • job applicants (where relevant).

Third-party links
Our Services may link to third-party websites or services. Those third parties will have their own privacy policies. We are not responsible for third-party privacy practices.

 

3. Personal data we collect

We may collect and process the following categories of personal data:

A. Information you provide to us

  • Identity and contact data: name, date of birth (where needed), address, email, telephone number, employer/company, role/title.

  • Account data: username, account identifiers, authentication details, preferences and settings.

  • Communications: messages you send to us, support requests, feedback, survey responses.

  • Transaction and service data (if applicable): orders, subscriptions, service selections, billing contact details, payment status (note: we typically do not store full card details if a payment provider is used).

  • Verification / onboarding data (if applicable): identity documents, proof of address, liveness/selfie checks, and related verification results.

  • Recruitment data (if applicable): CV, education and employment history, qualifications, right-to-work information, interview notes, references (where permitted).

B. Information we collect automatically (online and device data)

  • Technical data: IP address, device identifiers, browser type/version, time zone and locale, operating system, platform, referral source, log files.

  • Usage data: pages viewed, interactions, session duration, clickstream, feature usage, error logs and performance data.

  • Security and fraud signals: suspicious activity indicators and related telemetry (for example, repeated failed login attempts). Where enabled, this may include behavioural signals used to protect accounts and systems.

C. Information we receive from third parties

Depending on how you interact with us, we may receive personal data from:

  • identity verification, fraud prevention, or screening providers (if used),

  • payment processors and banking partners (if used),

  • analytics and marketing partners (where permitted),

  • event organisers and business partners (where you have asked them to share your details or where lawful),

  • publicly available sources (for example, corporate registers) where appropriate.

If we collect personal data from third parties, we will treat it in line with this Policy and provide any notices required by law.

 

4. How we use your personal data and our lawful bases

We only use personal data where we have a lawful basis.

Core purposes

We may process personal data to:

  1. Provide and operate the Services

  • Typical data: identity/contact, account, transaction/service, communications, technical/usage

  • Lawful basis: performance of a contract; legitimate interests (operating and improving Services)

  1. Onboard users and administer accounts

  • Typical data: identity/contact, account, verification/onboarding (if applicable)

  • Lawful basis: performance of a contract; legal obligation (where regulated checks apply); legitimate interests (fraud prevention)

  1. Customer support and communications

  • Typical data: identity/contact, communications, account, technical/usage

  • Lawful basis: performance of a contract; legitimate interests (support and service quality)

  1. Security, fraud prevention, and protecting our business

  • Typical data: technical/usage, account, security/fraud signals, communications

  • Lawful basis: legitimate interests (keeping Services secure, preventing misuse); legal obligation (where applicable)

  1. Legal, regulatory, and compliance

  • Typical data: identity/contact, transaction/service, verification/onboarding (if applicable), communications, technical logs

  • Lawful basis: legal obligation; legitimate interests (establishing, exercising, or defending legal claims)

  1. Service improvement, analytics, and product development

  • Typical data: technical/usage, preferences, feedback

  • Lawful basis: legitimate interests (improving Services) and/or consent (where required for certain cookies/technologies)

  1. Marketing and relationship management

  • Typical data: identity/contact, preferences, marketing interaction history

  • Lawful basis: consent where required; legitimate interests (B2B relationship management and relevant updates), subject to opt-out rights and applicable e-privacy rules

  1. Recruitment (if applicable)

  • Typical data: recruitment data and communications

  • Lawful basis: steps prior to entering a contract; legitimate interests (hiring); legal obligation (employment law-related)

If we use your data for a new purpose
If we intend to use your personal data for a purpose that is materially different from the purpose for which it was collected, we will provide additional information before doing so, where required.

 

5. Special category data and criminal offence data

We do not intentionally collect special category data (such as health data) unless we have a clear need and a lawful condition under applicable law.

If we process special category data (for example, biometric data used for identity verification where applicable), we will only do so where a lawful basis and a special category condition applies, such as:

  • explicit consent (where appropriate), and/or

  • processing necessary for substantial public interest or legal obligations (where applicable), and with appropriate safeguards.

If we process criminal offence data (for example, where required for regulated screening), we will do so only as permitted by applicable law and with suitable safeguards.

 

6. Cookies and similar technologies

We use cookies and similar technologies (such as SDKs, pixels, local storage, and device identifiers) to:

  • ensure the Services function properly,

  • remember preferences,

  • understand how the Services are used,

  • help protect against fraud and abuse,

  • (where used) support marketing.

Types of cookies we may use

  • Strictly necessary cookies: essential for login, security, and core site functionality.

  • Functional cookies: remember choices and preferences.

  • Analytics cookies: help us understand usage and improve performance.

  • Marketing cookies: help measure marketing effectiveness and show relevant information where used.

Your choices

  • You can manage cookie preferences via our cookie banner/tool (where available) and via your browser settings.

  • If you disable certain cookies, parts of the Services may not work as intended.

Note on UK vs EEA rules: cookie consent requirements can differ depending on whether UK rules (including PECR) or EEA e-privacy rules apply; see the Jurisdiction Addenda for details.

 

7. Marketing communications

We may send you communications about our Services, including updates, insights, events, or offers.

  • Where required by law, we will obtain your consent before sending direct marketing (especially to individuals).

  • Where permitted (for example, in certain B2B contexts), we may rely on legitimate interests, but you can opt out at any time.

Opt-out
You can opt out of marketing at any time by:

  • using the unsubscribe link in our emails, or

  • contacting us at privacy@stream.money.

Even if you opt out of marketing, we may still send service/administrative communications (for example, security alerts or important account updates).

 

8. Disclosure and sharing of personal data

We may share personal data with:

  • Service providers acting on our instructions (processors), such as hosting providers, CRM/support tools, analytics providers, security providers, identity verification providers (if used), and payment providers (if used).

  • Professional advisers such as lawyers, auditors, bankers, insurers, and consultants.

  • Group companies and affiliates (if applicable) for internal administration, security, and service delivery.

  • Regulators, law enforcement, and public authorities where we are required to do so or where lawful and necessary.

  • Buyers/investors in connection with a merger, acquisition, reorganisation, or sale of assets (with appropriate protections).

We do not authorise third parties to use your personal data for their own purposes unless you have agreed to it or it is required by law.

 

9. International transfers

Your personal data may be transferred to, stored in, or accessed from locations outside your country of residence, including where we or our service providers operate.

Where we transfer personal data internationally, we will ensure appropriate safeguards are in place, such as:

  • transfers to countries recognised as providing an adequate level of protection, and/or

  • contractual safeguards (e.g., Standard Contractual Clauses), and/or

  • other safeguards recognised under applicable law.

UK vs EEA transfer mechanisms differ; see Jurisdiction Addenda.

 

10. Security

We implement appropriate technical and organisational security measures to protect personal data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.

No online service is completely secure. If you have reason to believe your interaction with us is no longer secure, please contact us immediately at security@stream.money or privacy@stream.money.

 

11. How long we keep personal data

We retain personal data only as long as necessary for:

  • the purposes described in this Policy,

  • any contractual requirements,

  • legal, regulatory, tax, accounting, and reporting obligations,

  • resolving disputes and enforcing agreements.

Retention periods vary depending on the nature of the data and the reason we hold it. We can provide more detail on request.

 

12. Your rights

Subject to conditions and exemptions in applicable law, you may have the right to:

  • Access your personal data

  • Rectification of inaccurate or incomplete data

  • Erasure (deletion) of your personal data

  • Restriction of processing

  • Data portability

  • Objection to processing (especially where we rely on legitimate interests)

  • Withdraw consent at any time where we rely on consent (this will not affect processing already carried out)

You may also have rights relating to automated decision-making and profiling (see Jurisdiction Addenda).

To exercise your rights, contact us at privacy@stream.money. We may need to verify your identity before responding.

 

13. Complaints

We encourage you to contact us first so we can address your concerns.

  • Email: privacy@stream.money

You also have the right to lodge a complaint with the appropriate regulator (see Jurisdiction Addenda).

 

14. Children

Our Services are not directed to children and we do not knowingly collect personal data from children unless clearly stated for a specific service and we have appropriate safeguards.

Where we rely on consent for processing and age-related consent rules apply, the applicable standard can differ between the UK and EEA (see Jurisdiction Addenda).

 

15. Changes to this Privacy Policy

We may update this Policy from time to time. We will post the updated version on this page and, where appropriate, notify you through the Services or by email.

 

16. Contact

Questions, comments, and requests regarding this Policy should be sent to:

Stream Ventures Ltd
Flat 7 Grange House, 7 Grange Road, Gravesend Kent DA11 0EB
Email: privacy@stream.money

 

Jurisdiction Addenda (UK GDPR and EU GDPR differences)

These addenda apply in addition to the main Policy.

 

A. UK Addendum (UK GDPR)

A1. UK regulator and ICO registration

The UK supervisory authority is the Information Commissioner’s Office (ICO). We are registered with the ICO under registration number ZB980797.

A2. International transfers under UK GDPR

For transfers of personal data from the UK to countries not recognised as adequate under UK law, we may use appropriate safeguards such as:

  • the UK International Data Transfer Agreement (IDTA), or

  • the UK Addendum to the EU Standard Contractual Clauses (where applicable),
    together with any required risk assessments and supplementary measures. 

A3. Cookies and similar technologies (UK)

In the UK, cookie and similar technology rules are primarily governed by PECR alongside the UK GDPR. We will obtain consent for non-essential cookies unless an exemption applies, and we aim to make it easy for users to accept or refuse non-essential cookies. 

A4. Automated decision-making (UK)

Where UK law applies, the UK framework permits certain solely automated decisions in wider circumstances than the EU approach, but requires safeguards (including information about significant decisions, the ability to challenge decisions, make representations, and obtain human intervention). We will apply these safeguards where relevant. 

A5. Complaints (UK)

You may also complain to the ICO if you are unhappy with how we handle your personal data.

 

B. EEA Addendum (EU GDPR)

B1. EEA regulator

If you are in the EEA, you have the right to lodge a complaint with your local supervisory authority in your country of residence, workplace, or where an alleged infringement occurred.

B2. International transfers under EU GDPR

For transfers of personal data from the EEA to countries not recognised as adequate under EU law, we may use appropriate safeguards such as:

  • the EU Standard Contractual Clauses adopted by the European Commission, and/or

  • Binding Corporate Rules (where applicable),
    together with transfer risk assessments and supplementary measures where required.

B3. Cookies and similar technologies (EEA)

In the EEA, cookie and similar technology rules are primarily governed by national laws implementing the ePrivacy Directive, alongside the EU GDPR. We will obtain consent for non-essential cookies where required and provide clear choices.

B4. Automated decision-making (EEA)

Under EU GDPR, you have rights in relation to solely automated decisions (including profiling) that produce legal effects or similarly significantly affect you, subject to legal conditions and safeguards. Where we carry out such processing, we will provide information and safeguards required by EU GDPR.

B5. EU/EEA representative (if required)

If we are not established in the EEA but are required to appoint an EU representative under Article 27 EU GDPR, our representative will be provided by request by email to privacy@stream.money.
 

For further information please contact us.

hello@stream.money