GDPR-compliant Streaming & Video
CLOUD Act
The U.S. Law, Clarifying Lawful Overseas Use of Data Act, better known as CLOUD Act, is in strict violation to GDPR.
EDPS, The European Data Protection Supervisorbelieves that the CLOUD Act is in conflict with GDPR. This is because the CLOUD Act gives US authorities the right to request data from US companies, even if the servers where the data is stored are physically located outside America's borders.
The CLOUD Act applies to all US companies, even if they operate in Europe and store data in Europe. CLOUD Act affects the likes of Alphabet, the parent company of Google, even if you are using their services through their European servers.
The law has been criticized by the EFF, Amnesty and Human Rights Watch - but supported by Microsoft, Google, Facebook and Apple.
The easiest way to be completely safe is to use suppliers within the EU, without ownership of US suppliers. However, keep in mind that it is just as important to also keep track of sub contractors that are handling subtitles, CDN, movie encoding and backup storage services!
GDPR-tailored video platform
Streamio is one of the best tailored solutions for video, audio, and live streaming. We work actively together with our customers for the efficient and correct management of the General Data Protection Regulation. If you want to read the full regulation, you can find it here, but below we summarize why Streamio is a safe choice for video and streaming:
- You control publishing to 100%
- We have a Standard Swedish Agreement for Personal Data (TechSverige/IT and Telecom Companies)
- You retain full rights and ownership of all your content
- We have few subcontractors and all have personal data processing agreements
- Swedish contracting party, which owns the operating platform - no cloud services
- Streamio can be used completely without foreign subcontractors
Schrems II
The Schrems II ruling made things a little more troublesome. The European Data Protection Board (EDPB) has published has published recommendations on the extensive work needed to secure transfers to third countries.
Or you can make it easy for yourself and use a Swedish video service!
A solution without sub-processors in third countries
With Streamio, you can buy a unique platform that completely eliminates the risks of, for example, US cloud providers.
We are a Swedish-owned company that owns its own server facilities in Stockholm and Uppsala. We do not use foreign cloud providers. We are a real internet operator that controls traffic and its logging itself.
If you wish, the service can be delivered completely without any foreign subcontractors!
Video Distribution CDN
When a viewer watches your movies, they are usually distributed through one or more Content Distribution Network (CDN). It is important to note that the CDN operator can access traffic data for the distribution, which usually includes logging personal data, including IP numbers.
For our customers who operate mainly in Sweden and the Nordic region, we have a Swedish CDN, which is GDPR-safe, where the sub-processor is Swedish and located only a stone's throw from our office at Uppsala Castle.
Based in Sweden
Streamio is a service developed and operated by Rackfish AB, the Swedish hosting and streaming company. Streamio is delivered from Swedish servers under the industry's Standard Swedish agreement. Processing of personal data is by default held in Sweden and our storage takes place in Stockholm and Uppsala. We are simply the most Swedish suppliers.
It won't get any more Swedish than that! 🙂
Streamio for the public sector
Streamio is a perfect fit for the public sector and can proudly count a large number of public institutions, municipalities, regions and authorities as its customers. Why public sector actors choose Streamio:
- CLOUD Act and Schrems II secured
- Accessibility adapted according to WCAG 2.1 AA - For example: Character interpretation, audio interpretation, subtitles and contrasting colors
- Market leading prices - below the limit for direct procurement!
- Sub-contracts that handle the processing of personal data
- Swedish solution - Based in Sweden
- No personal data is processed in third countries
GDPR around Europe
The General Data Protection Regulation is implemented under a lot of different names around Europe. Here are links to our pages about Streamio in different languages:
- Austria: Datenschutz-Grundverordnung (DSGVO)
- Belgium: algemene verordening gegevensbescherming / règlement général sur la protection des données (RGPD)
- Bulgaria: Общ регламент относно защитата на данните
- Croatia: Opća uredba o zaštiti podataka
- Cyprus: Γενικός Κανονισμός για την Προστασία Δεδομένων
- Czech Republic: obecné nařízení o ochraně osobních údajů
- Denmark: generel forordning om databeskyttelse
- Estonia: isikuandmete kaitse üldmäärus
- Finland: yleinen tietosuoja-asetus
- France: règlement général sur la protection des données (RGPD)
- Germany: Datenschutz-Grundverordnung (DSGVO)
- Greece: Γενικός Κανονισμός για την Προστασία Δεδομένων
- Hungary: általános adatvédelmi rendelet
- Ireland: An Rialachán Ginearálta maidir le Cosaint Sonraí / General Data Protection Regulation (GDPR) (English only)
- Italy: regolamento generale sulla protezione dei dati (RGPD)
- Latvia: Vispārīgā datu aizsardzības regula
- Lithuania: Bendrasis duomenų apsaugos reglamentas (BDAR)
- Luxembourg: règlement général sur la protection des données (RGPD) / Datenschutz-Grundverordnung (DSGVO)
- Malta: Regolament Ġenerali dwar il-Protezzjoni tad-Data
- The Netherlands: algemene verordening gegevensbescherming
- Poland: ogólne rozporządzenie o ochronie danych
- Portugal: Regulamento Geral sobre a Proteção de Dados (RGPD)
- Romania: Regulamentul general privind protecția datelor
- Slovakia: všeobecné nariadenie o ochrane údajov
- Slovenia: Splošna uredba o varstvu podatkov
- Spain: Reglamento general de protección de datos (RGPD)
- Sweden: Dataskyddsförordningen
- United Kingdom: General Data Protection Regulation (GDPR)