Last updated: 27 January 2026
This Privacy Policy (together with any applicable terms of service, product terms, and notices presented to you at the point of collection) sets out the basis on which personal data / personal information we collect from you, or that you provide to us, will be processed by Stream Money.
We are committed to protecting and respecting your privacy. We will only process your personal data / personal information where permitted by applicable privacy and data protection laws, including:
Where there is a deviation between the UK GDPR and the EU GDPR, we include both positions in Section 14 (UK / EEA / Canada Addenda).
Stream Money is a trading name used by the following companies:
Stream Ventures Ltd
Registered office: Flat 7 Grange House, 7 Grange Road, Gravesend, Kent DA11 0EB
Company number: 13560798
Primary operating jurisdiction(s): United Kingdom & Global
Contracting entity / services: Technology Services
StreamDigital sp. z o.o. ("StreamDigital Sp zoo")
Registered office: ul. HOZA, nr 86, lok. 210, miejsc. Warsaw, kod 00-682, poczta Warsaw, Poland
Company number / registry ID: 0001089202
VASP registration number: RDWW-1191
Primary operating jurisdiction(s): European Union
Contracting entity / services: Digital Assets, OTC and related digital asset services
Snowcap Financial Ltd
Registered office: 1285 West Broadway, Suite 600, Vancouver, British Columbia, Canada V6H 3X8
Company number: BC1484570
FINTRAC registration number: C100000166
Primary operating jurisdiction(s): Canada
Contracting entity / services: Payment service provider services, foreign exchange, money remittance, and transfer of virtual assets
The Stream Money entity you contract with for the relevant Service (as described above and identified in your onboarding flow, customer agreement, or service‑specific terms) will generally be the organisation responsible for your personal data / personal information for that Service (the "controller" under UK/EU terminology).
Other Stream Money entities may process personal data:
Where UK GDPR applies, the UK supervisory authority is the Information Commissioner's Office ("ICO").
Stream Ventures Ltd is registered with the ICO under registration number ZB980797.
For all privacy queries, rights requests, and complaints, you can contact:
Privacy Team – Stream Money
c/o Stream Ventures Ltd
Flat 7 Grange House, 7 Grange Road, Gravesend, Kent DA11 0EB
Email: [email protected]
Data Protection Officer / Privacy Officer contact: [email protected]
This Policy applies to personal data / personal information processed when you:
Third‑party links. Our Services may include links to third‑party websites and services. Third parties have their own privacy policies; we are not responsible for their practices.
Depending on the Service, we may collect:
We perform KYC, KYB, and identity verification. Depending on the Service and applicable requirements, this may include:
If you do not provide information required for KYC/KYB or verification, we may not be able to provide the relevant Service, or we may have to suspend/limit it.
When you use our websites or Services, we may automatically collect:
We may receive personal data / personal information from third parties such as:
We use personal data / personal information for the purposes below. The legal basis depends on your location, the contracting entity, and the Service you use.
| What we use your information for | Examples of data used | UK/EEA lawful basis (UK GDPR / EU GDPR) | Canada authority (PIPEDA / provincial) |
|---|---|---|---|
| Provide and operate the Services | identity/contact, account, usage, communications | contract; legitimate interests | consent (express or implied as appropriate); reasonable purposes; legal requirements where applicable |
| Onboarding, KYC, KYB & identity verification | identity docs, proof of address, verification outputs, KYB docs | legal obligation (where applicable); contract; legitimate interests; and where required, explicit consent for special category processing | consent (appropriate to sensitivity); legal requirements where applicable; reasonable purposes |
| Security, fraud prevention & incident response | technical/security logs, account activity | legitimate interests; legal obligation | reasonable purposes; legal requirements where applicable |
| Customer support & service communications | communications, account | contract; legitimate interests | consent (where required) and reasonable purposes |
| Compliance, audits, legal claims | KYC/KYB outputs, logs, transaction records | legal obligation; legitimate interests | legal requirements; reasonable purposes |
| Improve and develop Services (analytics, testing) | usage/technical data, feedback | legitimate interests; consent where required for non‑essential cookies/technologies | consent where appropriate; reasonable purposes |
| Marketing (where permitted) | contact data, preferences, interactions | consent (where required) and/or legitimate interests (subject to opt‑out) | CASL compliance (consent requirements); reasonable purposes |
If we intend to process your information for a new purpose that is not compatible with the original purpose, we will provide additional notice and/or obtain consent where required.
Some KYC/verification activities may involve processing data that could be considered special category data (e.g., biometric data where facial templates are created/used). Where we process special category data, we will only do so where a valid Article 9 condition applies, and we will implement appropriate safeguards.
In Canada, especially under Québec law, some information may be considered sensitive depending on its nature and context (for example, biometric information). Where we process sensitive information, we will apply enhanced safeguards and seek an appropriate form of consent where required.
Our websites and online Services may use cookies and similar technologies (e.g., pixels, SDKs, local storage) to:
You can manage preferences through our cookie banner (where available) and through your browser/device settings. Disabling certain cookies may affect site functionality.
We may send you communications about Stream Money and our Services (e.g., product updates, regulatory/operational notices, events, and insights).
Canada – CASL: Where Canada's Anti‑Spam Legislation applies, we will use appropriate consent mechanisms and include required sender identification and an unsubscribe mechanism in commercial electronic messages.
We may share personal data / personal information with:
Other Stream Money trading entities (Stream Ventures Ltd, StreamDigital sp. z o.o., and/or Snowcap Financial Ltd) where necessary for:
in each case on an appropriate lawful basis / authority and with appropriate safeguards.
Third‑party service providers that support our business (for example: hosting, IT support, analytics, security, customer support tools, identity verification and screening providers, and professional advisers). These providers are required to protect your information and use it only as instructed by us.
We may disclose information where required by law or where necessary to:
If we are involved in a merger, acquisition, financing, reorganisation, or sale of assets, personal data may be shared as part of that process, subject to appropriate confidentiality and security measures.
Because Stream Money operates across multiple jurisdictions and uses service providers, your information may be transferred to, stored in, or accessed from countries outside your country/region of residence (including the UK, the EEA, Canada, and potentially other jurisdictions where suppliers operate).
Where required, we use appropriate safeguards, such as:
Specific UK/EEA/Canada transfer positions are set out in Section 14.
We implement appropriate technical and organisational measures designed to protect personal data / personal information against accidental or unlawful destruction, loss, alteration, unauthorised disclosure, or access.
No method of transmission over the internet is completely secure. You are responsible for keeping your login credentials confidential.
We retain personal data / personal information only for as long as necessary to:
Retention periods vary depending on the Service, the contracting entity, the nature of the data, and applicable legal requirements. Where possible, we will de‑identify/anonymise information or securely delete it when it is no longer needed.
Your rights depend on where you are located and which Stream Money entity is providing the relevant Service.
Subject to conditions and exemptions, you may have the right to:
You generally have rights to:
Additional Québec‑specific rights and transparency requirements may apply where Québec law applies (see Section 14).
To exercise your rights, contact:
We may need to verify your identity before fulfilling your request.
We encourage you to contact us first so we can address your concerns.
Submit a complaint: email [email protected] (or [email protected]).
We will review and respond in line with applicable legal requirements.
You may also have the right to lodge a complaint with the relevant regulator(s) (see Section 14).
This section provides jurisdiction‑specific information where requirements differ.
A. Supervisory authority
The UK supervisory authority is the Information Commissioner's Office (ICO). Stream Ventures Ltd is registered with the ICO under registration number ZB980797.
B. International transfers (UK)
Where UK transfer restrictions apply, we implement appropriate safeguards (including recognised transfer mechanisms and contractual protections) for transfers to countries not recognised as providing adequate protection under UK law.
C. Complaints handling (UK)
Where applicable, we provide a complaints process and will respond in line with UK requirements.
D. Storage and access technologies (UK)
Cookie/technology requirements in the UK are governed by UK GDPR and UK e‑privacy rules. Where consent is required, we will obtain it; where lawful exemptions apply, we may rely on them while maintaining transparency and user choice.
E. Automated decision‑making (UK)
Where UK rules apply and we make significant decisions based solely on automated processing, we apply safeguards such as providing information, enabling you to challenge decisions and request human intervention where required.
A. Supervisory authority
If EU GDPR applies, you can lodge a complaint with your local EEA supervisory authority (in the country where you live, work, or where an alleged infringement occurred).
B. International transfers (EEA)
Where EU transfer restrictions apply, we use EU‑recognised safeguards for transfers to third countries (for example, contractual safeguards and/or adequacy decisions).
C. Cookies and similar technologies (EEA)
EEA e‑privacy rules generally require consent for non‑essential cookies/technologies. We provide consent controls where required.
D. Automated decision‑making (EEA)
If we carry out solely automated decision‑making that produces legal effects or similarly significantly affects you, we will provide information and safeguards required by EU GDPR.
A. Applicable framework
In Canada, private‑sector privacy compliance is governed by PIPEDA and, where applicable, provincial private‑sector laws (including Québec's private‑sector privacy law as amended).
B. Accountability and privacy officer (Canada / Québec)
Stream Money designates a person responsible for privacy compliance.
Contact: [email protected].
C. Cross‑border processing (Canada / Québec)
Your personal information may be processed outside Canada (including outside your province). We apply contractual and organisational protections to help ensure appropriate safeguards.
Where Québec law applies, additional requirements may apply to cross‑border communications of personal information (including assessment and contractual requirements) and transparency regarding cross‑border processing.
D. Breach notification (Canada)
If a breach occurs, we will take steps to reduce risk and comply with applicable reporting/notification obligations.
E. Automated decision‑making transparency (Québec)
Where Québec law applies and we render a decision based exclusively on automated processing of personal information, we will provide the notices and opportunities required under Québec law (including the ability to submit observations and request review by an appropriate person).
F. Canada – marketing (CASL)
Where CASL applies, we will use appropriate consent mechanisms and include identification and unsubscribe functionality in commercial electronic messages.
Our Services are not directed to children and we do not knowingly collect personal data from children.
Any changes we make to this Privacy Policy will be posted on this page (or equivalent location where the Policy is made available) and the "Last updated" date will be amended accordingly.