Streamtime underwent an internal review of all existing policies and documentation prior to the enforcement of the GDPR on the 25th May 2018. Any required policy updates were applied and new documentation created to ensure we fulfilled all requirements.
The opening summary of our internal data policy documentation:
Policy brief & purpose
Our company cyber security policy serves as a guideline for all our staff to ensure the security of our data and network infrastructure to combat human errors, hacker attacks etc that could cause financial damage, utilise valuable resources to resolve and may jeopardise our company’s reputation.
We enable permission levels within the app to be set for your teammates.
Permissions restrict access to various areas of Streamtime and also allow for view/read/write access to be applied to specific areas - eg user cost rates.
We have uptime of 100% . You can check the metrics here.
Can be enabled on your account should you require it.
Network and application security
Data Hosting and Storage
Streamtime services and data are hosted in Amazon Web Services (AWS) facilities US-West (N. California) USA.
Streamtime was built with disaster recovery in mind. Our AWS servers are templated and able to be recreated quickly. Point in time down to the second backups are maintained to allow restoration of the AWS RDS which stores all client data.
Back Ups and Monitoring
Backups - Periodic AWS backups that can be restored on demand.
Audit logs are kept for all in-app activity.
All actions taken on production consoles or in the Streamtime application are logged.
We use FullStory to monitor real time product usage.
Exceptions are logged with notifications sent to Slack channels that are monitored by multiple staff members.
Streamtime encrypts sensitive authentication information (passwords & tokens) at rest. All information is encrypted during transfer over SSL using TLS1.2.
Penetration Tests, Vulnerability Scanning
Streamtime engages a third-party security expert annually to perform detailed penetration tests on the Streamtime application and infrastructure.
We do not store payment details
Streamtime is not in the business of storing or processing payments. All payments made to Streamtime Stripe who's security compliance can be found here security page.