Effective Date: April 1, 2026 | Last Updated: April 1, 2026
1. Introduction
StaamlCorp ("we," "us," or "our") is committed to protecting your privacy. This Privacy Policy describes how we collect, use, disclose, and safeguard your information when you visit our website at staamlcorp.com (the "Site") and use our services. This policy applies to all visitors, users, and others who access the Site.
We are aligned with the requirements of the EU General Data Protection Regulation (GDPR), ISO/IEC 27701:2019 (Privacy Information Management), ISO/IEC 27018 (Personal Data in Cloud), and other applicable data protection laws.
2. Data Controller
StaamlCorp is the data controller responsible for your personal data. If you have questions about this policy or our data practices, contact us at:
3. Data Protection Officer
StaamlCorp has designated a Data Protection Officer (DPO) to oversee compliance with data protection obligations. You may contact the DPO at:
4. Information We Collect
We collect only the information necessary to provide our services and improve your experience. The categories of data we collect include:
4.1 Contact Form Data
When you submit our contact form, we collect:
- First and last name
- Email address
- Company or organization name (optional)
- Subject of inquiry
- Message content
4.2 Newsletter Subscription
If you subscribe to our newsletter, we collect:
4.3 Risk Assessment Responses
When you use our Risk Assessment tool, we collect:
- Your responses to assessment questions
- Assessment results and scores
4.4 Automatically Collected Information
When you visit the Site, we may automatically collect certain technical information, including:
- Browser type and version
- Operating system
- Pages visited and time spent
- Referring website
- IP address (anonymized where possible)
5. Legal Basis for Processing (GDPR)
We process your personal data only when we have a lawful basis to do so under the GDPR:
- Consent (Art. 6(1)(a)): When you subscribe to our newsletter, submit cookie preferences, or voluntarily submit a risk assessment. You may withdraw consent at any time.
- Legitimate Interest (Art. 6(1)(f)): To respond to contact form inquiries, improve our website, and ensure security. We have assessed that these interests do not override your fundamental rights.
- Contractual Necessity (Art. 6(1)(b)): When processing is necessary to respond to your licensing inquiries or provide requested services.
- Legal Obligation (Art. 6(1)(c)): When we are required to retain or disclose data to comply with applicable laws.
6. How We Use Your Information
We use the information we collect to:
- Respond to your inquiries and provide requested information
- Send newsletters and updates (only with your consent)
- Process and deliver risk assessment results
- Improve our website, services, and user experience
- Ensure the security and integrity of our Site
- Comply with legal obligations
7. Data Retention
We retain your personal data only for as long as necessary to fulfill the purposes for which it was collected:
- Contact form data: Retained for up to 24 months from the date of submission, unless an ongoing business relationship requires longer retention.
- Newsletter emails: Retained until you unsubscribe or request deletion.
- Risk assessment responses: Retained for up to 12 months, then anonymized or deleted.
- Technical/log data: Retained for up to 90 days for security and performance monitoring.
When data is no longer needed, it is securely deleted or anonymized in accordance with our data retention schedule.
8. Third-Party Sharing
We do not sell, trade, or rent your personal information to third parties.
We may share your data only in the following limited circumstances:
- Service Providers: We may share data with trusted third-party service providers who assist us in operating our website and conducting our business, subject to strict confidentiality obligations and data processing agreements.
- Legal Requirements: We may disclose data when required by law, regulation, court order, or governmental authority.
- Business Transfers: In the event of a merger, acquisition, or sale of assets, your data may be transferred as part of that transaction, with notice provided to you.
9. International Data Transfers
StaamlCorp is based in the United States. If you are accessing our Site from outside the United States, please be aware that your data may be transferred to, stored, and processed in the United States.
Where we transfer personal data outside of the European Economic Area (EEA), we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Adequacy decisions where applicable
- Other legally recognized transfer mechanisms
10. Your Rights
Under applicable data protection laws, including the GDPR, you have the following rights regarding your personal data:
- Right of Access (Art. 15): You may request a copy of the personal data we hold about you.
- Right to Rectification (Art. 16): You may request correction of inaccurate or incomplete data.
- Right to Erasure (Art. 17): You may request deletion of your personal data, subject to legal retention requirements.
- Right to Restrict Processing (Art. 18): You may request that we limit how we use your data.
- Right to Data Portability (Art. 20): You may request your data in a structured, commonly used, machine-readable format.
- Right to Object (Art. 21): You may object to processing based on legitimate interests or direct marketing.
- Right to Withdraw Consent: Where processing is based on consent, you may withdraw it at any time without affecting the lawfulness of prior processing.
- Right to Lodge a Complaint: You have the right to lodge a complaint with a supervisory authority if you believe your data protection rights have been violated.
To exercise any of these rights, please contact us at info@staamlcorp.com. We will respond to your request within 30 days.
11. Cookie Usage
Our Site uses minimal cookies and similar technologies:
- Essential Cookies: Required for the basic functioning of the Site (e.g., cookie consent preference stored in localStorage).
- Analytics Cookies: If used, these help us understand how visitors interact with the Site. These are only activated with your consent.
You can manage your cookie preferences through the cookie consent banner displayed on your first visit. You may also configure your browser to block or delete cookies at any time.
12. Security Measures
We take the security of your personal data seriously and implement appropriate technical and organizational measures, including:
- Encryption of data in transit (HTTPS/TLS)
- Access controls limiting data access to authorized personnel
- Regular security assessments and monitoring
- Alignment with ISO/IEC 27001 (Information Security Management) standards
- Protection through our proprietary patented security technology (U.S. App. No. 19/640,793)
While no method of transmission or storage is 100% secure, we strive to use commercially acceptable means to protect your personal data.
13. Children's Privacy
Our Site is not directed at individuals under the age of 16. We do not knowingly collect personal data from children. If we become aware that we have collected personal data from a child without parental consent, we will take steps to delete that information promptly.
14. Links to Third-Party Sites
Our Site may contain links to third-party websites. We are not responsible for the privacy practices or content of those sites. We encourage you to review the privacy policies of any third-party sites you visit.
15. Updates to This Policy
We may update this Privacy Policy from time to time to reflect changes in our practices, technologies, legal requirements, or other factors. When we make material changes, we will notify you by updating the "Last Updated" date at the top of this page and, where appropriate, providing additional notice on the Site.
We encourage you to review this policy periodically to stay informed about how we protect your data.
16. Contact Us
If you have any questions, concerns, or requests regarding this Privacy Policy or our data practices, please contact us: