Questions and comments can be sent to: [email protected]

Control Description
Individual Responsible for GDPR Compliance Ibrahim Menem, Head of technology
Purpose of Processing
help team build better products by streamline testing and user feedback.
Notice regarding the collection and use of Personally Identifiable Information (PII) can be found here: stomio.io/privacy/privacy-policy
Lawful Basis for Collection & Processing All PII collected and processed within Stomio is in accordance with our terms of service or Master Services Agreement between Stomio and the Data Controller
Data Subject Access Requests (DSAR) Requests for data access, modification or deletion may be sent to [email protected]
Data Privacy & Cookie Policies https://stomio.io/privacy/privacy-policy
https://stomio.io/privacy/cookies-policy
Data Retention Customer Data, including PII, is securely deleted from Stomio systems following service termination (default 60 days grace period) or upon customer request based on specific user agreement.
Data Protection & Information Security Stomio maintains a comprehensive information security management system to protect and preserve the confidentiality, integrity and availability of Customer Data, which is audited annually by a qualified third party assessor.

Our current SOC 2 Type II Report is available upon request. | | Breach Notification | Any breach of PII will be reported to Customers, Data Subjects and Data Authorities in accordance with our Incident Response Policy and all applicable regulatory requirements. | | Personal Data Processing Agreement | Available here | | Subprocessors List | Available here |