Login Start for free

Privacy Policy

How Streamnode collects, uses, shares, stores, and protects personal data across our Services.

This Privacy Policy explains how Streamnode collects, uses, shares, and protects personal data when you use our websites, applications, APIs, and related services (the “Services”).

This policy should be read together with our Terms and Conditions and Acceptable Use Policy.

1. Who We Are

In this policy, “Streamnode,” “we,” “our,” or “us” means the Streamnode entity that provides the Services.

Streamnode is a UK-based company. Where UK data protection law applies, Streamnode acts as a data controller for personal data described in this policy, except where we process data on behalf of customers as a processor (see Section 3).

2. Scope

This policy applies to personal data we process when you:

  • visit our public website;
  • create or manage a Streamnode account;
  • use Streamnode Services and support channels;
  • receive communications from us;
  • interact with us at events, on social channels, or in sales conversations.

This policy does not apply to third-party services you connect to Streamnode. Those services are governed by their own privacy policies.

3. Controller and Processor Roles

Streamnode processes different data in different roles:

  • Controller data: account, billing, support, analytics, and business operations data for our own purposes, excluding Google user data where Section 6.2 imposes stricter limits.
  • Processor data: customer content and request data processed through customer workloads in Streamnode.

When Streamnode acts as a processor for customer data, the relevant customer is responsible for the lawfulness of processing and handling data subject requests. If your data was submitted to Streamnode by one of our customers, contact that customer first.

4. Personal Data We Collect

Depending on how you use the Services, we may collect:

  • Account and profile data: name, email, username, company, role, login credentials, and account preferences.
  • Billing and transaction data: billing contact details, VAT/tax data, invoice records, subscription details, and limited payment metadata from payment providers.
  • Service usage data: API calls, configuration settings, request volumes, performance metrics, logs, timestamps, and related diagnostic data.
  • Content and files you submit: code, payloads, configuration content, and files processed or stored through the Services.
  • Device and technical data: IP address, browser type, device identifiers, operating system, referring URLs, and session-level telemetry.
  • Communications data: support tickets, emails, chat messages, feedback, and survey responses.
  • Marketing and event data: newsletter preferences, campaign interactions, and event participation details.

We may also receive data from third parties, such as payment processors, analytics providers, and integration partners.

5. How We Use Personal Data

Except where a service-specific section of this policy imposes stricter limits, including Section 6.2 for Google user data, we use personal data to:

  • provide, operate, and maintain the Services;
  • authenticate users and secure accounts;
  • process payments, invoices, and subscription administration;
  • deliver customer support and resolve incidents;
  • monitor performance, reliability, abuse, and security risks;
  • improve and develop features, products, and documentation;
  • communicate service updates, legal notices, and support messages;
  • send product and marketing communications where permitted by law;
  • comply with legal obligations and enforce our Terms and policies.

6. Third-Party Connections and API Data

You may choose to connect third-party services to Streamnode (for example Airtable, Notion, Slack, Dropbox, and Google services). When you enable a connection, we process third-party account data only to provide the user-facing features you request.

6.1 General Rules for Connected Services

For connected third-party services:

  • Data we access: depends on the provider and the actions you enable.
  • How we use it: to authenticate your connection, execute requested actions, display requested outputs, and maintain reliability and security.
  • How we store it: we store only the data needed to operate requested features, for the period required by our retention practices in this policy, with access controls and security safeguards.
  • How we share it: we do not sell connected-service user data. We share data only with service providers acting on our instructions, when required by law, or as otherwise described in this Section 6 and any provider-specific subsection.

You can revoke connection access at any time by disconnecting the integration in Streamnode and, where supported, revoking access in the third-party provider account settings. After revocation/disconnection, new API access stops, and retained data is handled under this Privacy Policy (including your deletion rights).

6.2 Google API Services User Data

If you choose to connect Google services (for example Gmail, Google Calendar, Google Drive, Google Forms, or Google Sheets), we process Google user data only to provide the user-facing features you request.

Unless we explicitly tell you otherwise in a product-specific disclosure and obtain any consent required by applicable law or Google policy, the general data use statements elsewhere in this Privacy Policy do not expand how we use Google user data beyond the limits described in this Section 6.2.

For connected Google services, our disclosures are:

  • Data we access: depending on the connection and actions you enable, this may include your Google account email address, mailbox profile metadata, calendar lists/events, files and file metadata, forms and responses, and spreadsheet data.
  • How we use it: to authenticate your connection, execute requested actions, display requested outputs, and maintain integration reliability and security for those user-facing features.
  • How we store it: we store only the data needed to operate requested features, for the period required by our retention practices in this policy, with access controls and security safeguards.
  • How we share it: we do not sell Google user data. We share Google user data only with service providers acting on our instructions and bound to protect it, when required by law, or as part of a corporate transaction where legally permitted and, where required, with user consent.

Our use of information received from Google APIs adheres to the Google API Services User Data Policy, including the Limited Use requirements.

For clarity:

  • We use Google user data only to provide or improve user-facing features that are visible and prominent in Streamnode.
  • We do not use Google user data for advertising, marketing, or user profiling.
  • We do not use Google user data for general-purpose analytics unrelated to the Google-connected feature the user enabled.
  • We do not use Google user data for serving ads.
  • We do not sell Google user data to data brokers or information resellers.
  • We do not use Google Workspace API data to train generalized, non-personalized AI or machine learning models.
  • We do not transfer Google user data to third parties except as needed for the limited purposes described in this Section 6.2, for security, to comply with law, or as part of a merger, acquisition, or sale of assets where permitted by law and, where required, with user consent.

You can revoke Streamnode’s access to Google data at any time by disconnecting the Google integration in Streamnode and/or removing Streamnode access in your Google account permissions.

7. Legal Bases (UK GDPR and EU/EEA Where Applicable)

Where UK GDPR or EU/EEA GDPR applies, we rely on one or more of these legal bases:

  • Contract: processing necessary to provide the Services and perform our contract with you.
  • Legitimate interests: security, fraud prevention, service improvement, and business operations, where these interests are not overridden by your rights.
  • Legal obligation: compliance with applicable law, tax, accounting, and regulatory requirements.
  • Consent: where required (for example, certain marketing and non-essential cookies), which you can withdraw at any time.

8. Cookies and Similar Technologies

We use cookies and similar technologies to:

  • keep you signed in and remember preferences;
  • understand usage patterns and improve performance;
  • measure marketing effectiveness;
  • secure and protect our Services.

Where required by law, we request consent before placing non-essential cookies. You can manage cookies through browser settings and any consent tools made available on our site.

See our Cookie Policy for more detail.

9. How We Share Personal Data

Except where a service-specific section of this policy imposes stricter limits, including Section 6.2 for Google user data, we may share personal data with:

  • Service providers and subprocessors: hosting, analytics, monitoring, support, billing, and communication vendors acting under contractual obligations.
  • Integration and partner services: where you choose to connect third-party tools.
  • Professional advisers: auditors, lawyers, and insurers.
  • Corporate transaction parties: in connection with mergers, acquisitions, reorganisations, financing, or asset sales.
  • Authorities and regulators: where required by law, court order, or to protect rights, safety, and security.

We do not sell personal data in exchange for monetary payment.

10. International Data Transfers

Personal data may be transferred to and processed in countries outside the UK or EEA.

Where required, we use appropriate safeguards for restricted transfers, including adequacy decisions, UK International Data Transfer Agreement (IDTA) mechanisms, the UK Addendum to EU Standard Contractual Clauses, or equivalent approved safeguards.

11. Data Retention

We keep personal data only for as long as needed for the purposes described in this policy, including to:

  • provide the Services;
  • meet legal, tax, accounting, and reporting obligations;
  • resolve disputes and enforce agreements;
  • maintain security and abuse prevention records.

Retention periods depend on data type, plan settings, legal requirements, and operational needs.

12. Security

We maintain technical and organisational measures designed to protect personal data against unauthorised access, loss, misuse, or alteration.

No method of transmission or storage is completely secure. You are responsible for maintaining account security, including strong credentials and access controls.

If you identify a security issue, report it to [email protected].

13. Your Rights and Choices

Depending on your location and applicable law, you may have rights to:

  • access personal data we hold about you;
  • request correction of inaccurate data;
  • request deletion of data;
  • object to or restrict certain processing;
  • request portability of your data;
  • withdraw consent where processing is based on consent.

To exercise rights, contact [email protected]. We may need to verify your identity before processing a request.

If Streamnode processes your data as a processor on behalf of a customer, we will direct your request to that customer where appropriate.

You can opt out of marketing emails by using the unsubscribe link in those messages.

14. UK, EEA, and Swiss Privacy Rights

If you are in the UK, EEA, or Switzerland, you may also have the right to complain to your local supervisory authority. In the UK, this is the Information Commissioner’s Office (ICO).

We encourage you to contact us first so we can try to resolve your concern promptly.

15. Other Jurisdiction Privacy Rights (Including US States)

As a UK-based company, this policy is drafted primarily around UK and EEA data protection requirements. If other privacy laws apply to you, including certain US state privacy laws, you may have additional rights, such as rights to know, access, delete, correct, or opt out of certain data uses.

To submit a privacy request, contact [email protected]. We will process requests in line with applicable law.

16. Children’s Privacy

The Services are not directed to children under 16, and we do not knowingly collect personal data from children under 16. If you believe a child has provided personal data to us, contact us and we will take appropriate steps.

17. Changes to this Policy

We may update this Privacy Policy from time to time. We will post the updated version with a revised “Last updated” date and provide additional notice where required by law.

Your continued use of the Services after the effective date of an updated policy means you accept the update.

18. Contact

For privacy questions or requests: [email protected].

For security issues: [email protected].

Last updated April 9th, 2026