StreamersDB
Privacy

Privacy Policy

Last updated: 21 avril 2026

1. Data controller

The data controller is:

  • Legal name: Martin SCAURI EI
  • Registered office: 13 avenue Cyrille Besset, 06100 Nice, France
  • SIRET: 75171939400049
  • Contact (privacy): contact@streamersdb.com

This policy describes how StreamersDB ("we") collects, uses, and protects personal data under the General Data Protection Regulation (GDPR · Regulation (EU) 2016/679) and the French "Loi Informatique et Libertes" (n° 78-17).

2. Two distinct categories of data subjects

We distinguish between two categories:

  1. Customers (visitors, buyers) who create an account or order data from us.
  2. Streamers (data subjects) whose publicly displayed contact information is aggregated and resold.

3. Data we collect — Customers

When you sign up or buy data, we collect:

  • Identification: email, full name (optional);
  • Authentication: hashed password (via Supabase Auth);
  • Order data: product type, filters used, CSV record count, amount paid, order timestamp;
  • Payment: last 4 digits of the card, country, cardholder name (stored by Stripe — we never receive full card numbers);
  • Technical: IP address, browser, approximate location, device type (via Vercel, Supabase) — for security and log purposes.

4. Data we collect — Streamers

We automatically collect information publicly displayed on live Twitch profiles and linked social accounts:

  • Twitch username, channel URL, average viewers, follower count, language, game categories, tags;
  • Email address when displayed publicly on the streamer's Twitch panel or a linked public profile;
  • Links to public social media accounts (YouTube, Twitter, Instagram, TikTok, Discord, Patreon, Reddit, LinkedIn, Facebook).

We do not collect private data, data from private accounts, or data obtained through an unauthorized access.

5. Purposes and legal basis

PurposeLegal basisRetention
Account management, order fulfillment, CSV deliveryPerformance of contract (Art. 6.1.b GDPR)Duration of the contractual relationship
Aggregation and sale of publicly available streamer contact dataLegitimate interest (Art. 6.1.f GDPR)As long as the data remains publicly displayed by the streamer
Legal obligations (accounting, tax)Legal obligation (Art. 6.1.c GDPR)10 years for invoices
Security, fraud prevention, technical logsLegitimate interest (Art. 6.1.f GDPR)12 months maximum
Transactional emails (order confirmation, data delivery)Performance of contract (Art. 6.1.b GDPR)Duration of the contract

6. Data processors (subcontractors)

To operate the Service, we use the following processors, under GDPR-compliant data processing agreements:

  • Supabase Inc. (USA, EU region) — database, authentication, storage. Standard Contractual Clauses.
  • Vercel Inc. (USA) — static site and serverless hosting. Standard Contractual Clauses.
  • Stripe Payments Europe Ltd (Ireland) — payment processing. GDPR-compliant.
  • Resend Inc. (USA) — transactional email delivery. Standard Contractual Clauses.

Some of these processors may transfer data outside the European Union (USA in particular). We rely on Standard Contractual Clauses ("SCC") approved by the European Commission to provide an equivalent level of protection.

7. Your rights as a data subject

Under the GDPR, you have the right to:

  • Access the data we hold about you;
  • Rectification of inaccurate data;
  • Erasure ("right to be forgotten");
  • Restriction of processing;
  • Object to processing based on legitimate interest;
  • Portability of data you provided;
  • Give instructions for the fate of your data after death.

To exercise your rights, contact contact@streamersdb.com. We respond within one month (extendable to three in complex cases). You may also file a complaint with the French data protection authority (CNIL — cnil.fr).

8. Specific notice for streamers

If your contact information appears in our database and you wish to be removed, please send an email to contact@streamersdb.com with the subject line "Removal request" and your Twitch username. We will delete your data from our active database within 72 hours and add your identifier to a permanent exclusion list to prevent future re-collection.

9. Cookies

StreamersDB uses only strictly necessary cookies for authentication (Supabase session) and payment (Stripe). No advertising or behavioural tracking cookies are deployed.

Further information can be found in your browser settings, where you can manage or delete cookies at any time.

10. Security

We implement appropriate technical and organizational measures to protect data: TLS encryption in transit, hosting on professional-grade infrastructure, Row Level Security on the database, access to our admin interface restricted by explicit allowlist, no storage of card details on our servers.

In the event of a data breach likely to create a risk for data subjects, we will notify the CNIL within 72 hours and inform the affected individuals in accordance with article 34 of the GDPR.

11. Changes to this policy

This policy may be updated. The last-update date is indicated at the top. In case of a significant change, we will notify customers by email.

12. Contact

For any question about this policy or to exercise your rights: contact@streamersdb.com.

See also our Terms & Conditions.