General Data Protection Regulation – GDPR

GDPR documents for fun and… okay, it’s not fun at all

Little Stream Software will be compliant with the GDPR by May 25th, 2018 (we’re waiting on some vendors for details of their compliance).

As part of this, I’m documented internal procedures and have updated various public documents about your rights, what data we use, and other data-topics.

This page will act as a quick way to get more information about our GDPR setup and data usage in general.

For website visitors

The Privacy Policy is the best source of information for you. This describes the data we collect, how it’s used, and who it’s shared with.

For Shopify App customers

For Shopify app customers, we’ve got a bushel of documents for you.

First off, there’s the Shopify App Store Terms and Conditions agreement that you’ve agreed to when you installed any of our apps. This is Shopify’s agreement between you, them, and us.

In addition to that, we have a Data Processing Addendum which amends that agreement with more details about how we handle and process your personal data. Or in GDPR-speak: how we’re acting as Data Processors or Subprocessors or Sub-subprocessors (Shopify’s GDPR compliance is a complex rabbit-hole).

One note about DPAs: we will be unable to sign or agree to any other Data Processing Agreements (DPA) other than our own. As a small business we also can’t make individual changes to our DPA since we don’t have a legal team on staff. Any changes to the standard DPA would require legal counsel and a lot of back and forth discussion that would be cost prohibitive for our team.

The Privacy Policy is also a good document to review as it describes the data we collect, how it’s used, and who it’s shared with.

Questions, concerns, requests

Finally, if you have any questions, concerns, or data requests you can contact me at the email address in the Privacy Policy. I’m happy to share more details on our processes over email.