Streamtime underwent an internal review of all existing policies and documentation prior to the enforcement of the GDPR on the 25th May 2018. Any required policy updates were applied and new documentation created to ensure we fulfilled all requirements.

The opening summary of our internal data policy documentation:

Policy brief & purpose

Our company cyber security policy serves as a guideline for all our staff to ensure the security of our data and network infrastructure to combat human errors, hacker attacks etc that could cause financial damage, utilise valuable resources to resolve and may jeopardise our company’s reputation.

Product Security

Permissions
We enable permission levels within the app to be set for your teammates.
Permissions restrict access to various areas of Streamtime and also allow for view/read/write access to be applied to specific areas - eg user cost rates.

Uptime
We have uptime of 100% . You can check the metrics here.


Network and application security

Data Hosting and Storage
Streamtime services and data are hosted in Amazon Web Services (AWS) facilities US-West (N. California) USA.

Disaster Recovery
Streamtime was built with disaster recovery in mind. Our AWS servers are templated and able to be recreated quickly. Point in time down to the second backups are maintained to allow restoration of the AWS RDS which stores all client data.

Back Ups and Monitoring
Backups - Periodic AWS backups that can be restored on demand.
Audit logs are kept for all in-app activity.
All actions taken on production consoles or in the Streamtime application are logged.
We use FullStory to monitor real time product usage.
Exceptions are logged with notifications sent to Slack channels that are monitored by multiple staff members.

Encryption
Streamtime encrypts sensitive authentication information (passwords & tokens) at rest. All information is encrypted during transfer over SSL using TLS1.2.

Penetration Tests, Vulnerability Scanning
Streamtime engages a third-party security expert annually to perform detailed penetration tests on the Streamtime application and infrastructure.

We do not store payment details
Streamtime is not in the business of storing or processing payments. All payments made to Streamtime Stripe who's security compliance can be found here security page.

Did this answer your question?