Close this search box.

Privacy Policy


 STREAM HATCHET, as data controller and owner of this website, in compliance with the information duty established by the applicable laws to the company and EU Regulation 2016/679, General Data Protection Regulation (GDPR), we make this privacy policy available to inform you about how we process and protect your privacy and the data you provide us.

In this notice we explain what your rights are and how to exercise them in regards to your personal information. Additionally, in the event you should require to contact the Data Protection Authority in charge, we provide you with the details.

'Us' as Data Controllers of the processing of your personal information Identity: STREAM HATCHET
Tax. No.: B98820913
Address: Cloudworks Casa de les Punxes Avenida Diagonal 420, Barcelona
STREAM HATCHET SLU is a subsidiary company of GameSquare Holdings, Inc. Con sede en  1008, 150 York Street, Toronto ON M5H 3S5, Canada
NASDAQ and TSX Venture Exchange listed company
Our Data Protection Officer (DPO) If you have any queries, doubts or suggestions regarding how we use your personal data, you can contact the Data Protection Officer at the following e- mail address: - DPO: Auris Advocats (on its behalf, Xavier Saula Adell) C/ Pau Claris, 154, 2º. 08009, Barcelona


The personal data that we collect from our users and customers can be grouped according to the following categories:
  • Basic and contact data: such as name, surname, username or similar identifier, date of birth or gender. This category also may include your billing address, email and phone number. 
  • Financial and economic data: this category includes payment, return and reimbursement details as well as the commercial transactions you completed with us. This may include data to verify your identity for payment acceptance purposes to be able to perform commercial transactions with you.
  • Professional and employment data: this category includes your professional interests and your professional identity that is public and online. For example, your LinkedIn profile.
  • Technical data: about your device, visits and use of our website, including IP address, log data, browser and version used, time zone and usage, type of plugins installed, operating system, etc.
  • User account data: such as your profile name and password, history of subscriptions, interests, preferences, suggestions sent by you or any type of survey that you have responded to us, or information you have provided including your image, uploaded by means of a photograph or video.
  • Browsing data: includes information regarding the way your brows when visiting our platform.
  • Marketing and communication preferences: we collect your preferences in regards to accepting our commercial updates, information and Newsletters. We gather all your granted consents and your chosen communication preferences.
  • Demographic and statistical data: We may collect additional information obtained from third parties such as advertisers, social networks (such as Facebook) to whom you have given consent to share personal information with us. We also collect information from third parties about the use of the content you transmit through our services. We use this information to try to improve your experience and safety while using our platform and to improve our services, analytics and advertising.

We do not collect personal data that is may be considered sensitive or specially protected.


 Generally, you provide most of the personal information we collect directly. Either personally at our stores or by telephone, mail, web forms or by responding to our surveys. However, we may also collect personal information from:
  • Publicly accessible sources, such as commercial or property registries.
  • From third parties linked to us, such as for example from Content Creators with whom we have a partnership.
  • A company of our group
  • Credit reference agencies
  • From a third party that has previously obtained your consent to do so, such as your bank.
  • From the cookies that we enable on our website – For more information on how we use cookies, please visit our Cookie Policy.
  • From our systems to access our premises, if there are any. Such as, for example, entry and reception registers, security surveillance cameras, communication systems and instant messaging, email or social networks.


 If you decide to not provide us with certain information when requested, we may not be able to perform the contract we have entered into with you. Whenever required by law to collect your personal data or, whenever colleting personal data becomes mandatory. In the event that we need to cancel your order because of this, we will notify you first when necessary.


We attach below a detailed table with all the possible purposes for which we may collect your data and an explanation of the legal grounds to do so.

Purpose/Activity Lawful basis for processing including basis of legitimate interest
To provide you with our services, manage fees, accept payments and debit collection. (1) performance of a contract
(2) Necessary for our legitimate interests (to recover debts due to us)
To register you as a new customer or as web User on our platform (1) Consent of the interested party
(2) Performance of a contract
To manage our relationship with you which will include:
(1) notifying you about changes to our terms or privacy policy
(2) asking you to leave a review or take a survey
(3) Request update or correction of data
(1) performance of a contract with you
(2) necessary to comply with a legal obligation
(3) necessary for our legitimate interests (to keep our records updated and to study how customers use our products/services)
To send business mail, Newsletter and advertisements through any communication form (1) performance of a contract
(2) Necessary for our legitimate interests (providing you haven’t expressed your desire to stop receiving, ‘opt-out’)
To administer and protect our business and this website (including troubleshooting, data analysis, testing, system maintenance, support, reporting and hosting of data) (1) necessary for our legitimate interests (for running our business, provision of administration and IT services, network security, to prevent fraud and in the context of a business reorganisation or group restructuring exercise).
(2) necessary to comply with a legal obligation
To use data analytics to improve your website experience, implement marketing strategies, improve customer relationships and purchasing experiences using cookies (1) Necessary for our legitimate interests
(2) Consent of the interested party (accepting our Cookie policy, for example)
To make suggestions and recommendations about products or services that may be of interest to you Necessary for our legitimate interests (to develop our product/services and grow our business)
Updating and enhancing customer records (1) For the performance of our contract with you or to take steps at your request before entering into a contract
(2) To comply with our legal and regulatory obligations
(3) For our legitimate interests or those of a third party, e.g. making sure that we can keep in touch with our customers about existing orders and new products
Respond to queries and providing information to the interested party, including sending of budget proposals (1) Legitimate interest
(2) Contract performance
(3) Express consent
(4) Legal obligation
Manage User interactions on our social networks (1) To comply with our legal obligations, for example erasing offensive comments, racism, maintain respect in conversations, protect minors, etc.
(2) In our legitimate interest (for example erasing advertisement for others)
Provide the Authorities with information whenever required by the Courts Compliance with our legal obligations
Guarantee job security, personnel management and the employability of candidates (1) To comply with our legal obligations
(2) In our legitimate interest and of others. To improve our job experience for our staff
Provide greater security to our facilities (installation of CCTV cameras / video surveillance, access control) For our legitimate interests or those of a third party, e.g. to prevent harm over our employees and clients


We may share your personal information:

  • With the companies of our group
  • With Content Creators, Stream Hatchet Partners, provided that you have given your consent to do so.

  •  Third-party companies that we subcontract or service providers that we contract in order to be able to provide our services.
  • Third parties we need to manage our business. For example, advertising agencies, lawyers, mutual societies, etc.
  • Insurance companies, brokers
  • The banking entities with which we work.

All suppliers we work with are contractually bound to us. We can guarantee that they comply with all the necessary security measures to safeguard your personal information, that they will use your personal data solely and exclusively for the specified purposes, in accordance with our instructions and always in full compliance with international GDPR standards.

We will also share personal information with law enforcement agencies when required to do so by law.


All the information you provide us, both through this website and by other means or channels, will be hosted on the CLOUD servers of AMAZON WEB SERVICE and SINGLESTORE.


In order to be able to provide the service, we will sometimes need to transfer your data outside the European Economic Area (EEA). For example:
  • To communicate with you or our suppliers when you are outside the EU;

  • When there is an international dimension in the products/services that we provide you.

International data transfers are subject to special rules governed by the principles of data protection laws. This means that we can only transfer your data to countries or international organizations outside the EU, when:

  • The receiving country is considered safe by the competent authority in terms of the level of protection applied to personal data.

  • All the pertinent measures have been taken to guarantee the safeguarding of security and the correct development of your legal rights, as well as the possibility of filing claims.

  • There is an applicable exception according to data protection law.


Your data will be retained for the duration of our business engagement or as long as necessary to fulfill the purpose for which it was collected, unless you previously exercised your right to request deletion, opposition to processing, or restriction to your personal data. At the end of this retention period, your personal data will be deleted in accordance with data protection regulations. This means that data will be subjected to ‘blocking’, restricting processing, and ensuring its availability solely for the resolution of legal disputes or upon legitimate requests from judicial authorities, the Public Prosecutor’s Office, or other competent public entities. This restriction will apply for the time frame dictated by the statute of limitations for potential legal claims.

We inform you that our data retention policies are aligned with the legal time frames concerning limitation periods for liability purposes:

a) General Rule

In virtue of what is stated in art. 30 of the Commerce Code, all business data will be kept during 6 years. 

This affects all accounting, tax, labour or commercial documentation, including mail.  

b) Specific terms

Our company must also set minimum deadlines regarding the type of data and considering the different prescription periods, which each department must know. 

This table lists the prescription periods that affect or may affect our organization: 

Subject Period Rule
Labour infringements 3 years Art. 4.1 RD 5/2000
Social security regarding infringements 4 years Art. 4.2 RD 5/2000
Prevention of occupational hazards for the purposes of infractions 5 years Art. 4.3 RD 5/2000
Fiscal for the purpose of tax debts 4 years Art. 66 Ley 58/2003
Tax for the purposes of checks on compensated fees or applied deductions 10 years Art. 66 bis Ley 58/2003
Accounting and commercial 6 years Art. 30 del CC
Crimes against Public Finance and Social Security 10 years Art. 131 LO 10/1995


Any communication sent will be incorporated into our Information Systems. By accepting these conditions, terms, and policies, you are expressly consenting STREAM HATCHET to carry out the following activities and/or actions, unless stated otherwise:
  • The sending of commercial and/or promotional communications by any means enabled informing the Users of the activities, services, promotions, advertising, news, offers, and other information about the services and products related to the activity.
  • In the event that the User has expressly consented to the sending of commercial communications electronically by subscribing the NEWSLETTER, the sending of such communications by electronic means informing the Users of the activities, services, promotions, advertising, news, offers, and other information about the services and products of STREAM HATCHET equal or similar to those that were originally the aim of the contract or interest by the User.
  • The storage of personal data during the periods provided in the applicable provisions.


 At any time, users may revoke any previous express consent given us in regards to the sending of commercial information. To do this, please request to unsubscribe using the option (opt-out) whenever enabled on our app/web, or by writing us an email with the subject “unsubscribe” to

In accordance with the LSSICE, we never carry out SPAM, therefore, we will not send you commercial emails if they have not been requested or authorized by you. However, in all our communications, you will have the possibility to revoke your consent.

We will not treat your personal data for any other purpose than those described except by legal obligation or judicial requirement.


Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. DNT is a way for users to inform websites and services that they do not want certain information about their webpage visits collected over time and across websites or online services. We are committed to providing you with meaningful choices about the information collected on our website for third-party purposes, and that is why we provide the Network Advertising Initiative, Your Online Choices and the Digital Advertising Alliance opt-out links above. However, we do not recognize or respond to browser-initiated DNT signals.


 By providing us with your personal information through electronic channels, User’s declare that they are over 14 years of age and that all data provided to us is truthful, accurate, complete and updated. For these purposes, User’s confirm that they are responsible for the veracity of the all communicated information and that will keep such information conveniently updated so it responds to the reality. User’s will be made liable for any false or inaccurate data unlawfully provided, as well as for any harm and damages that may arise from this situation.


If you wish to send us your CV through our web or email, we inform you that the data provided will be processed to make you a candidate in the selection processes that may exist, carrying out an analysis of your professional profile with the goal to selecting the most suitable candidate.

We don’t accept resumes sent through other channels (for example, hand-delivered on paper). In the event of any change in your personal data, please notify us in writing as soon as possible, to keep your data duly updated.

The CV will be kept for a maximum period of two years, after it will be securely destroyed and all the data included will be deleted. We guarantee full respect for confidentiality. In this sense, after the aforementioned period, if you wish to continue participating in our recruitment processes, you must send your resume again.

The data may be processed and/or transferred to the companies that are members of our group during the time your CV is kept and for the same purposes previously reported.


 We take the protection of your data very seriously. For this reason, we guarantee the implementation of appropriate security measures, controls and procedures of a physical, organizational and technological nature to prevent your information from being accidentally lost, used or maliciously accessed.

We limit access to your data to authorized entities & personnel. To do so and we make sure to properly train all our staff. All those involved in the processing of your personal data are subject to the duty of confidentiality.

Additionally, we apply technical procedures to immediately react to a data security breach incident or suspicion. If necessary, we will notify you of it as well as the control authority (the AEPD in Spain), in accordance with current regulations.


You may request to exercise the following rights at any time by contacting us by email to , or in writing to the postal address located in the letterhead. Please attach to your request the exact information of what right you wish to exercise.

These are your rights related to your personal data: 

Right to access Allows the interested party to acknowledge and obtain information about their personal data submitted to processing.
Right to rectification or deletion It allows to correct errors and modify the data that proves to be inaccurate or incomplete.
Right to erasure Allows data that turns out to be inadequate or excessive to be deleted.
Right to withdraw consent The right of the interested party to not carry out the processing of their personal data or to cease it.
Restriction of personal data processing Involves the marking of personal kept data, with the purpose of limiting its’ future processing.
Portability of data Facilitation of the data subject to processing to the interested party, so that he or she can transmit it to another person in charge, without impediments.
The right not to be subject to automated individual decisions (including the elaboration of profiles) the right not to be the subject of a decision based on automated processing that produces effects or significantly affects the User.

You may also contact our Data Protection Officer directly: 

Please attach to your request, exact information of what right you wish to exercise and, in all cases, send ID proof that is legally valid.  


We hope to be able to resolve any concerns that may trouble you in regards to your personal information. You also have the right to submit a complaint to the supervisory authority if you believe that your rights may have been violated in relation to the protection of your personal data. In Spain, the authority is the Agencia Española de Protección de Datos. 

In Spain, the highest authority in terms of data protection is the Spanish Data Protection Agency (AEPD). – Tel: 91 266 35 17.


We may change or upgrade our Privacy Policy at any time to maintain it compliant with rules in force. Please check regularly.

Last Updated: 11 Mar 2024