GlobalStrm is committed to protecting your privacy and handling your personal data in a lawful, fair and transparent way. This page explains how personal data is collected, used and protected when you use our legal streaming service, website and applications (“Service”).
1. Data Controller
The data controller responsible for your personal data is:
GlobalStrm
Email: support@globalstrm.com
Use this email for any questions about this policy or to exercise your GDPR rights.
2. What Data We Collect
Depending on how you use GlobalStrm, we may process the following data:
- Identification data: email address, account ID, name (if provided).
- Subscription data: chosen plan, start/end dates, payment status (no full card data).
- Technical data: IP address, device type, operating system, app version, error logs.
- Usage data: login times, session duration, channels and categories accessed, quality settings.
- Support data: information you send when contacting support (e.g. MAC address to link IBO Player or other apps).
We do not intentionally collect special categories of data (sensitive personal data).
3. How We Collect Your Data
Data is collected in three main ways:
- Directly from you when you create an account, purchase a subscription, send us your MAC address, or contact support.
- Automatically when you use our website or apps, through necessary logs and basic analytics to secure and deliver the Service.
- From payment providers when they confirm payment success or failure; we receive only limited billing information, not full card details.
4. Purposes and Legal Bases
We process your data only for specific, legitimate purposes:
- Account creation & service delivery
To register your account, send login details, M3U/EPG links and host URLs, and activate your devices so you can use the Service.
Legal basis: performance of a contract (Art. 6(1)(b) GDPR). - Subscription management & fraud prevention
To manage plan changes, renewals, and detect misuse such as abuse of simultaneous streams.
Legal basis: performance of a contract and legitimate interest (Art. 6(1)(b),(f)). - Service quality, security & troubleshooting
To monitor performance, fix errors, secure our infrastructure and prevent abuse or attacks.
Legal basis: legitimate interest (Art. 6(1)(f)). - Legal and regulatory compliance
To meet tax, accounting, copyright and consumer‑protection obligations.
Legal basis: legal obligation (Art. 6(1)(c)). - Optional marketing communications
To send news and offers about GlobalStrm if you have explicitly opted in; you can withdraw consent at any time.
Legal basis: consent (Art. 6(1)(a)).
5. Payments & Billing
All subscription payments are handled exclusively by trusted third‑party payment processors. GlobalStrm does not collect or store your full payment card numbers or bank details; we only receive limited information (such as transaction status or masked card type) required to confirm your subscription and comply with legal and accounting obligations.
6. Hosting & Infrastructure
The GlobalStrm website and backend systems are hosted by professional third‑party hosting providers that offer secure, GDPR‑aligned infrastructure in appropriate locations. GlobalStrm does not operate its own data centre; hosting partners provide storage and server resources, while GlobalStrm focuses on delivering the Service on top of that infrastructure.
7. Use of Email
Your email address is primarily used to:
- Create and manage your account.
- Send essential service messages (login details, M3U/EPG links, subscription confirmations, security notices).
- Provide important updates about changes that affect your use of the Service.
We do not use your email for unrelated marketing without your prior consent, and you can opt out of non‑essential messages at any time.
8. Cookies and Similar Technologies
Our website may use strictly necessary cookies to operate and secure the Service, for example to maintain your session or prevent abuse. Where we use additional cookies or similar technologies (for analytics or marketing), these are only activated with your consent via a cookie banner, which you can change or withdraw at any time.
9. Data Sharing & International Transfers
GlobalStrm does not sell your personal data. Limited data may be shared with:
- Payment processors (for billing and fraud prevention).
- Hosting and infrastructure providers (for secure operation of the Service).
- Customer support and email delivery tools.
- Professional advisers (e.g. legal or accounting) where necessary.
If data is transferred outside the EU/EEA, appropriate safeguards such as Standard Contractual Clauses or equivalent mechanisms are used to protect your information.
10. Data Retention
Personal data is kept only as long as necessary for the purposes described above:
- Account and subscription data: kept while your account is active and for a limited period afterwards to meet legal and tax requirements.
- Technical and log data: retained for a shorter period necessary for security, diagnostics and service improvement.
- Support data: retained as long as needed to resolve your request and maintain service quality.
When data is no longer needed, it is securely deleted or anonymised.
11. Your GDPR Rights
Under the GDPR, you have the following rights regarding your personal data:
- Right of access – obtain confirmation whether we process your data and receive a copy.
- Right to rectification – correct inaccurate or incomplete data.
- Right to erasure – request deletion of your data in certain cases (“right to be forgotten”).
- Right to restriction – limit processing in specific situations.
- Right to data portability – receive your data in a structured, commonly used format and transmit it to another provider.
- Right to object – object to processing based on legitimate interests or to direct marketing at any time.
- Right to withdraw consent – withdraw consent where processing is based on consent, without affecting prior lawful processing.
To exercise any of these rights, contact: support@globalstrm.com. You also have the right to lodge a complaint with your local data protection authority if you believe your rights have been violated.
12. Children’s Data
GlobalStrm is intended for adults and is not directed at children under the age required by local law (typically 16 in the EU unless lowered by national rules). We do not knowingly collect personal data from children; if you believe a child has provided data, please contact us so we can delete it.
13. Security Measures
We implement appropriate technical and organisational measures to protect your data against accidental or unlawful destruction, loss, alteration, unauthorised disclosure or access. These may include encryption, access controls, secure hosting, logging, and regular security reviews.
14. Changes to This GDPR & Privacy Policy
This page may be updated from time to time, for example to reflect changes in law, regulatory guidance or our Service. The latest version will always be available on our website with a “last updated” date. For material changes, we may notify you by email or in‑app message where appropriate.
15. Contact
If you have any questions about this page, your personal data, or your rights, you can contact us at:
Email: support@globalstrm.com
