STEMRBack to STEMR

Data Compliance

Effective date: 5 June 2026

This page summarizes how STEMR approaches data protection and compliance obligations for users in the UK, EEA, and other regions with similar privacy laws.

Roles

For account and platform data, STEMR acts as the data controller. For audio and project content uploaded by you, you are generally the controller of that content and STEMR processes it on your behalf as a data processor to provide the Service.

Lawful bases for processing

  • Contract: to create your account, host projects, and deliver features you request.
  • Legitimate interests: to secure the Service, prevent abuse, and improve reliability.
  • Legal obligation: where we must retain or disclose information under applicable law.
  • Consent: where required for optional communications or non-essential cookies.

International transfers

We may process or store data in the United Kingdom, European Economic Area, United States, or other countries where our infrastructure providers operate. Where required, we rely on appropriate safeguards such as standard contractual clauses or equivalent mechanisms.

Sub-processors

We use trusted infrastructure and service providers for hosting, storage, email, analytics, and payments. These providers process data only under our instructions and appropriate contractual protections.

Your data subject rights

Subject to applicable law, you may have the right to:

  • Access the personal data we hold about you.
  • Correct inaccurate data.
  • Request deletion of your data.
  • Restrict or object to certain processing.
  • Request portability of data you provided.
  • Withdraw consent where processing is consent-based.
  • Lodge a complaint with your local data protection authority.

To exercise these rights, email contact@stemr.co.uk. We may need to verify your identity before responding.

Data breach notification

If we become aware of a personal data breach likely to affect your rights, we will investigate promptly and notify affected users and regulators where required by law.

Records and audits

We maintain internal records of processing activities and review our vendors and security practices on a reasonable schedule. Enterprise customers may contact us regarding supplemental data processing terms.

Contact

Data protection enquiries: contact@stemr.co.uk