Stablemate Legal Center

Policies

Last updated: September 2025 Overview

This Cookie Policy supplements the Terms of Service and Privacy Policy for Stablemate. Any terms defined in those documents carry the same meaning here. This Policy explains how Stablemate uses cookies and other tracking technologies to operate the service and how you can manage or disable certain types of tracking.

Cookie:

A small text file with an identifier that we send to your computer or mobile device, which your browser then stores. “Session” cookies are temporary and disappear when you close your browser. “Persistent” cookies stay until they expire or are manually deleted. Cookies typically do not contain personal information, but they may be linked to data we hold about you, such as remembering that you are logged in. To learn more about cookies, you can visit an educational site such as allaboutcookies.org.

Local Storage:

Part of your browser’s web storage. Like cookies, it allows websites to store information in your browser, even after you close a tab or the browser itself. Unlike cookies, data in local storage is not automatically sent to the server unless the webpage specifically does so. We may use local storage to remember your preferences or improve performance. Any data stored in your browser that is later sent to our servers is covered by this policy.

Managing Cookies and Local Storage:

Your browser allows you to block or delete cookies and clear stored data. If you do, some features of our website may not work correctly or your experience may be limited.

How We Use Cookies and Local Storage:

Stablemate uses cookies and local storage across our websites, including subpages, and mobile apps. These tools help us create a secure, personalized, and efficient experience for all members. Most browsers that access our services will receive cookies from us. The types of cookies we use may evolve, but in general they serve the following purposes:

Operations and Functionality: Some cookies are necessary for our services to work properly.
Authentication: We use cookies to remember that you are logged in as you move through our platform. For example, when you log in to your Stablemate dashboard, a cookie helps keep you signed in. Local storage also recognizes returning members and automates secure login processes.
Payment Processing, Fraud Prevention and Detection: Cookies help us detect unusual activity and prevent fraud. They also assist with secure and smooth payment processing through our provider, Stripe Inc. (“Stripe”).
Analytics for Improvements and Integrations: Cookies help us understand how people find and use our website and mobile app. These insights help us improve features, performance, and usability. We use Google Analytics to track usage patterns. Some third-party integrations may also require cookies.
Marketing and Advertising: Cookies can make our marketing more effective. They may prevent repetitive ads, measure ad performance, and help us understand whether people who saw an ad later signed up or upgraded. We sometimes partner with advertisers to show relevant ads online or at public events.

Other Technologies Used with Cookies:

Pixel Tags: Also called web beacons or clear Graphics Interchange Format (GIFs), used to track interactions with our services, such as email opens, so we can measure campaign performance and usage.
Third-Party Analytics: Tools such as Google Analytics gather usage data and generate trend reports. These providers may also collect information about how you use other websites or apps, in accordance with their own privacy policies.
Flash Cookies: Adobe Flash and similar technologies may store certain data about how you use the services. Most modern browsers have phased out Adobe Flash, so this may not apply to your setup. If applicable, you can adjust your browser settings to manage Flash cookies.

How to Manage Cookies:

Your browser gives you control over your cookie preferences, including disabling or deleting Stablemate cookies. Disabling cookies may limit the functionality of some features. Helpful resources:

Last updated: September 2025

The EU-U.S. and Swiss-U.S. Data Privacy Framework Policy for Stablemate (“Stablemate,” “we,” “our,” or “us”) reflects our commitment to the transatlantic data protection frameworks (collectively, the “Frameworks”). Stablemate adheres to the applicable Principles, including Supplemental Principles: additional binding obligations under the Frameworks, for personal data received from entities in the European Economic Area (“EEA”) and Switzerland.

This Policy works in conjunction with our broader Privacy Policy to explain how we handle personal data from the EEA and Switzerland under these frameworks. Terms defined in the Privacy Policy also apply here.

If there is any conflict between this Policy and the governing Principles regarding personal data received under the Frameworks, the Principles will prevail to the extent of that conflict. To learn more, visit the official Data Privacy Framework website.

Principles: Notice

Our Privacy Policy outlines how we collect and use personal data from various sources. This Policy focuses specifically on data governed by the Frameworks. If you are a Stablemate member, we may act on your behalf regarding personal data you provide to us. In most cases, we do not have a direct relationship with your customers. The member is responsible for ensuring that those customers are appropriately informed and given a choice regarding their personal data.

Choice:

As a data controller, and when required by applicable law, Stablemate provides individuals in the EU and Switzerland with the option to choose whether their personal data may be disclosed to third-party controllers or used in a way that is materially different from its original purpose. Where required, we obtain opt-in consent for sensitive data. Individuals may contact us using the information below to manage how their data is used or shared. Unless such a choice is clearly offered, Stablemate uses data only for purposes consistent with this Policy.

Data Integrity and Purpose Limitation:

We collect only the personal data necessary to provide our services. We use it in ways compatible with those services or as otherwise explained. We take reasonable steps to ensure that the data we receive is accurate, complete, up to date, and relevant to its intended use.

Accountability for Onward Transfers:

This Policy and our general Privacy Policy explain how we share personal data. Unless required by law or covered under our controller or processor roles, Stablemate gives individuals the option to opt out of sharing data with third-party controllers. Third parties we work with are contractually required to handle personal data only for approved purposes and to maintain protections aligned with the Frameworks. If a third-party controller cannot meet these requirements, they must inform us and take appropriate action.

We ensure our agents and service providers maintain the same level of protection required under the Frameworks.
If we transfer personal data to an agent or provider, we ensure they handle it in a way that aligns with our obligations, unless we can demonstrate that we are not responsible for any resulting issue.
We may disclose personal data to lawful authorities for reasons related to law enforcement, national security, legal processes, or court orders. These disclosures are not subject to opt-out rights.

Recourse, Enforcement, and Dispute Resolution:

If you have questions or concerns, please write to us or email us using the contact information below. We will investigate and try to resolve any complaints regarding how we use or disclose personal data under the Frameworks. If we cannot resolve the issue, you may contact JAMS, an independent U.S. dispute resolution provider, free of charge. We will cooperate with EU data protection authorities and the Swiss Federal Data Protection and Information Commissioner. Binding arbitration may be available for unresolved issues as described in Annex I of the Frameworks. Stablemate is subject to the investigatory and enforcement authority of the U.S. Federal Trade Commission (“FTC”).

Contact:

Email: support@stablemate.app

Mail: Steady Flow D/B/A Stablemate, Attn: Legal Division

7014 13th Ave, Suite #202

Brooklyn, NY 11228

Last updated: September 2025

The General Data Protection Regulation (GDPR) applies to members of our websites or mobile applications who reside in the European Union (EU) or the European Economic Area (EEA), which includes the EU, Iceland, Liechtenstein, and Norway. This law sets out a framework of rights governing how personal data is collected, processed, transferred, and protected. Steady Flow, LLC, doing business as Stablemate (“Stablemate,” “we,” “us”), is committed to taking reasonable steps to protect your personal data and ensure ongoing compliance with GDPR requirements. We take privacy seriously and are constantly improving how we protect member data in accordance with these regulations.

We follow the GDPR’s seven core principles and implement additional safeguards to protect member data while providing a safe, intelligent, and community-driven platform.

GDPR’s Seven Key Principles:

Lawfulness, fairness, and transparency
Purpose limitation
Data minimization
Accuracy
Storage limitation
Integrity and confidentiality (security)
Accountability

These principles are at the core of our approach to processing and protecting personal data.

Legal Basis

Under the GDPR, Stablemate must establish a legal basis for collecting personal data from EU and EEA residents. The legal basis varies depending on the context in which we collect and use data. Our processing activities typically fall into one or more of the following categories:

Necessary for the performance of a contract
Necessary to protect vital interests of the data subject or another person
Legitimate interest in understanding website usage
Legitimate interest in supporting business operations
Legitimate interest in ensuring cybersecurity
Legitimate interest in fulfilling legal obligations and protecting legal rights
Consent provided by the member

International Transfers

Personal data you provide may be transferred and stored outside the EU or EEA, such as in the United States. This may occur when our systems or personnel operate outside the EEA. Your information is stored on secure servers managed by us or trusted service providers. We take necessary steps to ensure the secure handling of your data across jurisdictions. Where required, transfers rely on recognized safeguards such as Standard Contractual Clauses or participation in the EU-U.S. Data Privacy Framework. If these conditions change, we will inform members accordingly.

Data Retention

We retain personal data only as long as necessary to fulfill the purposes outlined in our privacy policies and to comply with legal obligations. Even if you exercise privacy rights, we may retain certain data for legal, research, or public interest purposes, or to establish or defend legal claims.

Your Rights

As a Stablemate member in the EU or EEA, you are entitled to the following rights under the GDPR:

The right to be informed about data collection and use
The right to object to data processing
The right to correct inaccurate or incomplete data
The right to request data deletion
The right to restrict data processing
The right to data portability
The right to withdraw consent at any time
The right to object to automated decision-making
The right to lodge a complaint with a supervisory authority

Some rights may be subject to exceptions. For assistance, contact us at support@stablemate.app. We respond to verified requests within GDPR timelines.

Stablemate maintains tailored privacy notices for specific member groups:

Website and mobile app members
Employees, contractors, and job applicants
Visitors
Partners and suppliers
Donors and sponsors
Educational or professional program participants
Local or international organizations and institutions

What Stablemate Is Doing to Comply with the GDPR

We have strengthened technical and organizational controls in the following areas:

Data Subject Rights

We revised policies and member-facing pages to explain clearly how personal data is collected, processed, and shared. With member consent and respect for privacy, we share personal data only with GDPR-compliant service providers and sub-processors necessary to deliver our services.

Sub-processor Service and Headquarters

Stripe: Payments, data management (USA)
Google Places: Service tools (USA)
Twilio: Communications (USA)
Namecheap: Hosting and domain services (USA)

Stablemate honors data access, portability, and deletion requests. Members can request access to, correction of, or deletion of their personal data, and may export it in a machine-readable format.

Data Protection by Design and Default

Privacy is embedded into new features from the start. We track where and how personal data is processed to ensure visibility and member control. We process only the personal data necessary to operate the platform. After the purpose ends, data is deleted or pseudonymized.

Data Minimization

We collect only the data necessary for specific processing activities and remove it when no longer required.

Security of Processing

We implement layered security, access controls, monitoring tools, audit trails, and role-based authorizations to safeguard data and minimize exposure.

Data Mapping

We conduct ongoing data mapping to understand data flow and processor responsibilities, and to ensure all sub-processors comply with GDPR standards.

How to Submit a Data Subject Request

We are developing tools for members to submit Data Subject Rights requests online. For now, members may contact us directly or update their personal information through their Stablemate account. Requests for access, correction, or deletion will be honored promptly and within GDPR timelines.

Data Breach

In the event of a personal data breach, Stablemate will notify the relevant supervisory authority without undue delay and, where feasible, within 72 hours. When a breach is likely to result in a high risk to individuals, we will notify affected members without undue delay.

Questions about this GDPR Notice may be sent to support@stablemate.app. Include your full name, email address, and inquiry. A qualified team member will respond promptly and professionally.

Last updated: September 2025

Restricted Businesses: The following types of businesses and business practices are not permitted to use the Stablemate mobile application (“Services”) or any associated third-party providers (“Providers” or “Partners”). These are collectively referred to as “Restricted Businesses.” Restrictions may arise from network rules or requirements set by our financial service providers. In limited cases, certain Restricted Businesses may become eligible to use our Services with prior written approval from Stablemate and its providers.

All individuals must meet the minimum age required by applicable law. The global default is 18+, with 21+ enforced where local jurisdiction requires it. Members are also prohibited from engaging in or promoting illegal activity through the platform. We encourage all members to carefully review our legal notices before creating an account. These can be accessed at any time through the Legal Center in both the website and the mobile application.

Please Note: Businesses offering illegal products or services, or engaging in unlawful activity, are strictly prohibited from using Stablemate. The categories listed below are representative, not exhaustive. If you are unsure whether your business qualifies as restricted, please contact us for clarification.

By registering, you confirm that you will not use the Services to accept payments or conduct activity related to the following types of businesses or practices without prior written approval from Stablemate and its service providers.

Financial and Professional Services

Securities brokerage
Mortgage or debt relief services
Crowdfunding platforms
Insurance sales
Law firms holding client funds
Cryptocurrency wallets and exchanges
Sale of digital currencies (such as Bitcoin)

IP Infringement, Regulated or Illegal Products and Services

Online casinos
Unauthorized streaming platforms
Counterfeit fashion or unauthorized goods
Firearm sales
E-cigarettes
Prescription drug sites or unlicensed pharmaceuticals
Pornography
Escort services
Explosives or weapons

Unfair, Predatory, or Deceptive Practices

Get-rich-quick schemes
Pay-to-remove mugshot services
No-value-added resales of government services
Unlicensed fund aggregation
High-risk services (such as psychic readings)
Chain letters
Extended warranties with misleading claims

Other Prohibited Areas

Multi-level marketing and pyramid schemes
Pseudo-pharmaceuticals
Social media manipulation services
Substances that mimic illegal drugs
Unlicensed sales of in-game currency
Misuse of the Stablemate platform (including card testing, chargeback evasion, unauthorized payment processing)

High-Risk or Sanctioned Regions

Businesses that operate from, or sell to, internationally recognized high-risk or sanctioned jurisdictions (including but not limited to those designated by the Office of Foreign Assets Control (OFAC), the European Union (EU), the United Kingdom (UK), or the United Nations) or entities on official restricted person lists may be restricted from using Stablemate or its payment processing services, unless expressly permitted with prior written approval.

By registering a business with Stablemate, you confirm you will not use Stripe or Stablemate services for any activity listed in this policy. This includes any product or service that infringes the intellectual property (“IP”) rights of others. If you are an IP rights holder who believes your rights are being violated via Stablemate, you may submit an IP Notice by emailing legal@stablemate.app or mailing your request to:

Steady Flow D/B/A Stablemate

Attn: Legal Division

7014 13th Ave, Suite #202

Brooklyn, NY 11228

Upon receiving a complete IP Notice, we will investigate the claim and may take appropriate action, including removing infringing profiles or terminating access to our Services. Your submitted notice may be shared with the party allegedly responsible as part of our investigation.

If you have questions about our Restricted Businesses Policy, please include your full name, email, and concern. Your inquiry will be reviewed promptly and answered by a qualified professional, not an automated system.

Last updated: September 2025

To help deliver its Services, Stablemate may engage third-party service providers to support data processing activities. When these providers assist us in our role as a data processor, they are referred to as sub-processors (“Sub-processors”).

This report identifies each Sub-processor, the services they provide, and their primary processing location. Before engaging a Sub-processor, we conduct due diligence, including security and legal evaluations. We partner only with providers that meet our professional standards. All Sub-processors are bound by contracts that require compliance with applicable data protection laws, recognized transfer mechanisms, and Stablemate’s privacy commitments.

Current Sub-processors – Services and Headquarters

Namecheap: Domain registration, hosting, server infrastructure — United States (Standard Contractual Clauses (SCCs) for European Economic Area (EEA) transfers)
Google: Cloud servers, data management, email services, analytics, app publishing, distribution, marketing, sales, member reviews — United States (EU-U.S. Data Privacy Framework (DPF) participant)
Apple: App publishing, distribution, marketing, sales, member reviews — United States (Standard Contractual Clauses (SCCs) for European Economic Area (EEA) transfers)
Stripe: E-commerce payment processing, data management — United States (EU-U.S. Data Privacy Framework (DPF) participant)
Twilio: Communications services, SMS, multi-factor authentication, API-based messaging — United States (EU-U.S. Data Privacy Framework (DPF) participant)

Our operational needs may change over time. For example, we may remove a Sub-processor to streamline operations, or add a new provider to improve our services. This page will be updated to reflect changes in our Sub-processor list, and members will be notified at least 30 days before a new Sub-processor that handles personal data is added.

If you have a question about this Sub-Processor Report, please include your full name, primary email, and your inquiry. Once submitted, a qualified team member will respond promptly.

Last updated: September 2025

This website is operated by Steady Flow, LLC (hereinafter referred to as “Stablemate”). By registering for or using the Services—including browsing the website or installing or using any software provided by Stablemate—you agree to be bound by these Terms of Service, our Privacy Policy, and any other referenced policies (collectively, the “Terms”). Stablemate may revise the Terms by posting an updated version with a new effective date. These updates take effect immediately. If material changes are made, members will be notified through the Services or via email. Continued use of the Services after such changes constitutes acceptance of the revised Terms.

All visitors and members of the Services are referred to collectively as “you” or “members.” Stablemate may be referred to as “Stablemate,” “we,” “us,” or “our.”

USE OF THE SERVICES

By using our Services, you expressly represent and warrant that (i) you are legally entitled to enter these Terms, (ii) you are at least 18 years old, and (iii) that you have the authority and capacity to enter into and abide by these Terms. The Services are not available to persons under the age of 18. Subject to the Terms, members may register for and use the Services solely for their personal use. The Services shall not be used for commercial purposes. Members remain solely liable for compliance with local laws and jurisdictional requirements while using the Services.

Stablemate provides a membership platform where members may set up in-person meetings with each other (“Meetings”). We do not monitor, vet, or endorse any Meetings or members. We do not supervise Meetings and are not involved with any of the actions of the individuals at these Meetings. You are solely responsible for determining if a Meeting is safe. We do not conduct background checks of members. Generally, there are risks associated with meeting strangers, including, without limitation, the failure of attendees to abide by applicable laws, miscommunication regarding the details of the Meeting, and inappropriate or dangerous conduct on the part of the attendees or other persons at the Meeting location. By using the Services, you represent and warrant that you meet the 18+ eligibility requirement for the Services and agree that you are solely responsible for determining the suitability and safety of a Meeting you wish to attend.

It is within a member’s sole discretion whether to charge a fee for Meetings (“Meeting Fee”). This fee is separate and distinct from the Member Fee (defined below). Stablemate is not responsible for determining whether Meeting Fees are charged or the amount of any Meeting Fee. Stablemate does not take any portion of the Meeting Fees.

Stablemate reserves the right to refuse the use of the Services to anyone and to suspend, discontinue, cancel, or remove any member at any time and for any reason without liability. Stablemate will notify members of any such suspension, discontinuance, cancellation, or removal.

Members may be required to register with third-party service providers, such as payment processing providers, in order to access or use the Services. While Stablemate may support you in your use of and registration with these third-party services, any agreements or dealings with third-party providers are independent and Stablemate is not a party to these agreements. Members agree that Stablemate may exchange any information with such third-party service providers in accordance with our Privacy Policy.

PRIVACY

Stablemate understands that members may provide personal information, and we take the privacy of our members seriously. Please find a current version of Stablemate’s Privacy Policy by clicking on Privacy Policy.

The Children’s Online Privacy Protection Act (“COPPA”) requires that online service providers obtain parental consent before they knowingly collect personally identifiable information online from children who are under the age of 13. We do not knowingly collect or solicit personally identifiable information from children under the age of 13. If you are a child under the age of 13, please do not attempt to register for the Services or send any personal information about yourself to us. If we learn that we have collected personal information from a child under 13 years of age, we will immediately delete that information and deactivate any accounts. If you believe a child under the age of 13 may have provided us with personal information, please contact us at: support@stablemate.app

MEMBER REGISTRATION AND ACCOUNTS

In order to access and use the Services, members are required to register for a Stablemate account. If you choose to register, you agree to provide and maintain truthful, accurate, current, and complete identifying information. This information may include names, contact information, and payment information. The collection of such identifying information is governed by Stablemate’s Privacy Policy. If any of your registration information is false, inaccurate, or incomplete, Stablemate reserves the right, in its sole discretion, to terminate your account immediately. Stablemate also reserves the right to reject any application for registration within its sole discretion and has no obligation to disclose the reason for rejecting the application.

Members are responsible for maintaining the confidentiality of their accounts, including their usernames and passwords. You agree to immediately notify Stablemate of any unauthorized use of your account or other breach of security. Notification of breaches should be sent to us at: support@stablemate.app

By registering with Stablemate, you opt into receiving notifications and communications from Stablemate, which may include e-mails related to changes to the Services. If you wish to stop receiving this material, you may unsubscribe at any time by following the instructions in your e-mail. Please note that even if you unsubscribe from receiving such notifications, you will still receive e-mails containing notices required by law. Opting out of receiving messages from us may result in missed notifications and prompts, which if not acted upon, may affect your Services. Stablemate is not responsible for any outcome resulting from a member’s failure to respond to a prompt.

Members also have the option to update, change, remove, correct, or request that certain information be removed from their account. Most changes may be made using the “Settings” feature on each member’s account. To deactivate an account indefinitely, members must send a deactivation request to Stablemate at support@stablemate.app stating a brief reason for the deactivation.

MODIFICATION, SUSPENSION OR DISCONTINUANCE OF SERVICES

Stablemate reserves the right to modify, suspend or discontinue the Services to members (or any part thereof), either temporarily or permanently. In accordance with this provision, Stablemate will attempt to notify members of any such modification, suspension, or discontinuance. To the extent permitted by law, members agree that Stablemate will not be liable for any modification, suspension, or discontinuance of the Services in accordance with these Terms of Service.

PLATFORM SERVICES ONLY

Stablemate is an administrative platform only. Stablemate simply facilitates the communication and transaction between members but is not a party to any agreement between members. Stablemate has no control over the conduct of, or any information provided by its members, and Stablemate hereby disclaims all liability in this regard to the fullest extent permitted by applicable law.

SERVICE GUIDELINES AND RESTRICTIONS

By using the Services and any other related features, members agree to the service guidelines and restrictions. Abuses of the service guidelines and restrictions are not tolerable, and Stablemate reserves the right to suspend or terminate members’ accounts indefinitely and permanently upon notice of such abuses. Stablemate will use reasonable efforts to ensure the safe, legal, and moral use of its Services.

The following non-exhaustive list includes those actions, which are required or strictly prohibited:

You may not authorize others to use your account, and you may not assign or otherwise transfer your account to any other person or entity.
You agree to comply with all applicable state, federal, and local laws while using the Services.
You may only access the Services using authorized means and it is your responsibility to ensure that you have downloaded the correct software for your device. Stablemate is not liable if you do not have a compatible handset or if you have downloaded the wrong version of the Services, and Stablemate reserves the right to terminate these Terms should you be using the Services with an incompatible or unauthorized device.
Your participation in using the Services is for your sole, personal, and non-commercial use.
You will not use the Services for any fraudulent, misleading, inaccurate, or dishonest purposes.
You will not use the Services to cause nuisance, annoyance, or inconvenience.
You will not impair the proper operation of the Services.
You will not try to harm the Services in any way whatsoever.
You will not copy or distribute the Services without the prior written consent of Stablemate.
You will keep your account username and password secure and confidential.
You will provide us with whatever proof of identity we may reasonably request.
You will not license, sub-license, sell, resell, transfer, assign, distribute, or otherwise commercially exploit or make available to any third party the Services in any way.
You will not modify or make derivative works based upon the Services.
You will not create Internet “links” to the Services or “frame” or “mirror” any software on any other server or wireless or Internet-based device.
You will not (except as permitted by applicable law) reverse engineer or access the Services in order to build a competitive product or service, build a product using similar ideas, features, functions, or graphics of the Services, or copy any ideas, features, functions or graphics of the Services.
You will not launch an automated program or script, including, but not limited to, web spiders, bots, viruses or worms, or any program, which may make multiple server requests per second, or unduly burdens or hinders the operation and/or performance of the Services.
You will not send spam or otherwise duplicative or unsolicited messages in violation of applicable laws through the Services.
You will not send or store through or on the Services infringing, obscene, offensive, threatening, libelous, or otherwise unlawful or tortious material, including material harmful to children or in violation of third-party intellectual property or privacy rights.
You will not send or store through or on the Services material containing software viruses, worms, Trojan horses, or other harmful computer code, files, scripts, agents, or programs.
You will not interfere with or disrupt the integrity or performance of the Services or the data contained therein.
You will not attempt to gain unauthorized access to the Services or its related systems or networks.
You will not use the Services to promote violence, discrimination, humiliation, or hatred against any individuals or groups based on race, ethnic origin, religion, disability, gender, age, veteran status, sexual orientation, or gender identity.

STABLEMATE’S INTELLECTUAL PROPERTY

Members acknowledge and agree that the Services may contain content or features that are protected by copyright, patent, trademark, trade secret, or other proprietary rights and laws. Unless expressly authorized by Stablemate, members agree not to modify, copy, frame, scrape, rent, lease, loan, sell, distribute, or create derivative works of the Service content or features. If Stablemate blocks any member from accessing the Services, members agree not to implement any measures that circumvent the blocking. Any use of the Services or its features other than as specifically authorized herein is strictly prohibited. Members also agree not to copy, modify, create derivatives, reverse engineer, reverse assemble, or otherwise attempt to discover any source code, sell, assign, sublicense, or otherwise transfer Stablemate’s software. Any and all rights not expressly granted are herein reserved by Stablemate. Members are prohibited from using any visual element that constitutes an endorsement by Stablemate without their prior consent.

The Stablemate name and logo are trademarks and service marks of Stablemate. Nothing contained in these Terms of Use or the Services constitutes as granting, by implication, estoppel, or otherwise, any license or right to use any of the Stablemate trademarks, without its prior written consent. Any and all goodwill that is generated from using Stablemate’s trademarks will inure to Stablemate’s exclusive benefit.

PAYMENT AND FEES

Members are charged a fee via the iTunes app store in order to download and use the Services (“Member Fee”). Stablemate reserves the right to increase or decrease the Member Fee from time to time.

In order to register for an account, members are required to provide valid credit, debit card, or bank account information from and to which Meeting Fees will be processed. Unless otherwise stated, all fees and charges are non-refundable and are exclusive of any applicable federal, state, or local taxes. You agree to maintain a valid payment method during the term of your use of the Services. If credit/debit card or bank account information is no longer valid at the time of payment processing, you will be required to provide new and valid payment information in order to continue using the Services.

Upon scheduling a meeting, 20% of the Meeting Fee is charged as a security against no-shows (“Booking Fee”). Members agree that if a Meeting is canceled within the allowed cancellation period, any applicable Meeting Fees will not be payable however the Booking Fee is non-refundable.

PAYMENT PROCESSING SERVICES

Credit card payment processing services on Stablemate are provided by Stripe, Inc. (“Stripe”) and are subject to the Stripe Connected Account Agreement, which includes the Stripe Terms of Services (collectively, the “Stripe Services Agreement”). Members agree to be bound by the Stripe Services Agreement, as the same may be modified by Stripe from time to time.

As a condition to using these credit card payment processing services through Stablemate, members agree to provide Stablemate with accurate and complete information about themselves and also authorize Stablemate to share any such information with Stripe, as well as transaction information related to the use of the payment processing services provided by Stripe. Stablemate reserves the right, within its sole discretion, to terminate a member’s account for failure to meet Stripe’s requirements for verification of identity, bank account requirements, or for any alleged breach of the Stripe Services Agreement.

MOBILE COMMUNICATIONS

The Services include functionality that is available via a mobile device (“Mobile Functionality”). For example, Mobile Functionality allows for location tracking and communications between members. To the extent you access the Services through a mobile device, your wireless service carrier standard charges, data rates and other fees may apply. In addition, downloading, installing, or using certain Mobile functionalities may be prohibited or restricted by your carrier, and not all Mobile Functionality may work with all carriers or devices.

UNSOLICITED MATERIALS AND SUBMISSIONS

Any unsolicited materials or submissions received by Stablemate will be discarded and/or returned to the sender. Stablemate will have no express or implied obligation or liability of any kind concerning the submissions, including, the use or disclosure of the submissions. Stablemate and its members are entitled to unrestricted use or disclosure of the submissions for any purpose whatsoever, all without compensation to the member that submitted the submission.

INTERNET DELAYS, INTERRUPTIONS AND OUTAGES

Stablemate’s Services may be subject to limitations, delays, interruptions, outages, and other problems inherent in the use of the Internet and electronic communications. Stablemate is not responsible or liable for any delays, delivery failures, or other damages resulting from such problems. Stablemate is also not responsible or liable for any outages caused by third parties that help us store and facilitate the transmission of messages between members. Use of the Services is at a member’s own risk.

INDEMNITY

Members agree to indemnify, release, defend, and hold harmless Stablemate, its subsidiaries, and any affiliated companies, and its members, officers, directors, employees, contractors, and agents from any and all claims, causes of action, damages, obligations, losses, liabilities, costs or debt, and expenses, including attorneys’ fees and costs, and all amounts paid in a settlement arising from or relating to the use of the Services, breach of these Terms or the violation of any laws.

Disclaimer of Warranties

SERVICES ARE PROVIDED ON AN “AS IS” AND “AS AVAILABLE” BASIS WITHOUT ANY WARRANTIES, EXPRESS OR IMPLIED, INCLUDING, WITHOUT LIMITATION, IMPLIED WARRANTIES OF MERCHANTABILITY OR FITNESS FOR A PARTICULAR PURPOSE, NON-INFRINGEMENT, TITLE OR COURSE OF PERFORMANCE.

LIMITATION OF LIABILITY

STABLEMATE, INCLUDING ITS AFFILIATES, MEMBERS, DIRECTORS, OFFICERS, EMPLOYEES, AGENTS, SUBCONTRACTORS, OR LICENSORS, IS NOT LIABLE FOR ANY INDIRECT, PUNITIVE, INCIDENTAL, SPECIAL, CONSEQUENTIAL OR EXEMPLARY DAMAGES OR, IN ANY EVENT, FOR DAMAGES EXCEEDING ONE HUNDRED U.S. DOLLARS ($100.00 USD). THIS LIMITATION OF LIABILITY SECTION APPLIES WHETHER THE ALLEGED LIABILITY IS BASED ON CONTRACT, TORT, NEGLIGENCE, STRICT LIABILITY, OR ANY OTHER BASIS, EVEN IF STABLEMATE HAS BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGE AND TO THE FULLEST EXTENT PERMITTED BY LAW IN THE APPLICABLE JURISDICTION.

NOTWITHSTANDING ANY PROVISION OF THE TERMS, FOR MEMBERS IN JURISDICTIONS THAT HAVE PROVISIONS SPECIFIC TO WAIVER OR LIABILITY THAT CONFLICT WITH THE FOREGOING, THEN STABLEMATE’S LIABILITY IS LIMITED TO THE SMALLEST EXTENT PERMITTED BY LAW.

ASSIGNMENT

The Terms and any rights and licenses granted hereunder may not be transferred or assigned by any member but may be assigned by Stablemate without restriction.

TERMINATION/SURVIVAL

Stablemate may terminate or suspend the Services or any part thereof immediately, without prior notice or liability, if you breach any of the Terms. Members may terminate their accounts at any time by following the instructions on the Services.

This Agreement shall automatically terminate (i) upon the institution by Stablemate of insolvency, receivership, or bankruptcy proceedings or any other proceedings for the settlement of Stablemate’s debts, (ii) upon Stablemate making an assignment for the benefit of creditors, or (iii) upon Stablemate’s dissolution or ceasing to do business. Should this Agreement automatically terminate based on sections i, ii, or iii of this paragraph, members will be notified and provided a 60-day grace period to save any content stored through or on the Services.

Any fees paid hereunder are non-refundable. Upon termination by Stablemate or by you, your right to use and access the Services, and any Content will immediately cease. Stablemate may retain member account information after termination in accordance with regulatory, accounting, and legal compliance procedures.

All provisions of these Terms which by their nature should survive termination shall survive termination, including, without limitation, intellectual property provisions, disclaimers, indemnity, and limitations of liability.

GOVERNING LAW

Members agree that (1) the Services shall be deemed solely based in New York and (2) the Services shall be deemed a passive one that does not give rise to personal jurisdiction over Stablemate, either specific or general, in jurisdictions other than New York. This Agreement shall be governed by the laws of the State of New York, without regard to conflict of laws principles.

ARBITRATION

Stablemate and members agree that any and all disputes or claims shall be resolved exclusively through final and binding arbitration, rather than in court. Stablemate and members manifest their assent to arbitrate by providing and using the Services. Arbitration claims are those that Stablemate asserts against a member and that a member asserts against Stablemate, any related or affiliated entity, and the owners, officers, directors, agents, or employees of any of them. The Federal Arbitration Act shall govern the interpretation and enforcement of this agreement to arbitrate. If for any reason the FAA is inapplicable, the laws of New York shall apply. To the extent permitted by law, the Parties agree to arbitrate claims on an individual basis only and waive any right to bring, participate in, or recover under, a class, collective, consolidated, or representative action. The arbitrator shall apply the Terms and the same substantive law to the dispute as a court would and under the same law of remedies. To begin an arbitration proceeding against Stablemate or a related party, the member must send a letter requesting arbitration and describing the claim to Stablemate at:

Steady Flow, LLC

Attn: Legal Division

7014 13th Ave, Suite #202,

Brooklyn, NY, 11228

The arbitration will be conducted by the American Arbitration Association (AAA) under the rules applicable to the claim asserted, including, but not limited to, the AAA’s Supplementary Procedures for Consumer-Related Disputes. The AAA’s rules are available at www.adr.org or by calling 1-800-778-7879. Stablemate will supply a printed copy of the rules upon a member’s request. Payment and reimbursement of all filing, administration, and arbitrator fees will be governed by the AAA’s rules. New York, New York is the sole proper venue for arbitration; provided, however, that the arbitrator once selected shall have the authority to order the parties to arbitrate in a different venue for good cause shown, applying federal law for transferring venue on grounds of forum non conveniens. If, notwithstanding this arbitration agreement, a claim for any reason proceeds in court rather than in arbitration, the dispute shall be exclusively brought and heard in a court of competent jurisdiction located in the City and County of New York, New York. Except as otherwise provided by law or the AAA’s rules, the prevailing party in any arbitration will be entitled to receive from the non-prevailing party all of its reasonable attorneys’ fees and costs.

NOTIFICATIONS

Members agree that Stablemate may provide notifications to members via e-mail, written or hard copy notice, or through conspicuous posting of such notice on its Services. Members may opt out of certain means of notifications or to only receive certain notifications.

ENGLISH LANGUAGE

In the event of a conflict between the English language version of the Terms and any foreign language translation versions thereof, the English language version of the Terms shall govern and control. All disputes, claims, causes of action, and related proceedings will be communicated in English. Unless otherwise explicitly stated, all material found on the Services are solely directed to individuals, companies, or other entities located in the United States.

ENTIRE AGREEMENT/SEVERABILITY

The Terms encompass the entire agreement between members and Stablemate. If any provision of these Terms is deemed invalid by a court of competent jurisdiction, the invalidity of such provision shall not affect the validity of the remaining provisions of this Agreement, which shall remain in full force and effect. Stablemate’s failure to assert any right or provision under this Agreement shall not constitute a waiver of such right or provision.

INDEPENDENCE FROM THIRD-PARTY PLATFORMS

Stablemate’s Services are independent of any platform and its services on which it is located. Stablemate is not associated, affiliated, sponsored, endorsed, or in any way linked to any third-party platform operator, including, without limitation, Apple, Google, Android, or RIM Blackberry (“Operators”). Thus, your download, installation, access to, or use of the Stablemate App is also bound by the terms and conditions of each Operator.

Members hereby acknowledge and agree to the following terms:

These Terms of Service are between you and us only, and not with any Operator, and we, not those Operators, are solely responsible for the Services and the content thereof;

The license granted by Stablemate is a limited, non-exclusive, non-transferable, and non-sublicensable right to use the Services on a portable or mobile device that you own or control and as permitted by these Terms of Service;

We are solely responsible for providing any maintenance and support services with respect to the Services, as required under applicable law. Thus, an Operator has no obligation whatsoever to furnish any maintenance and support services with respect to the Services;

We and not the relevant Operator, are responsible for addressing any claims of you or any third party relating to the Services or your possession and/or use of the Services, including, but not limited to: (i) any claim that the Services fails to conform to any applicable legal or regulatory requirement; and (ii) claims arising under consumer protection or similar legislation;

In the event of any third party claim that the Services or your possession and use of the Services infringes that third party’s intellectual property rights, we, and not the relevant Operator, will be solely responsible for the investigation, defense, settlement, and discharge of any such intellectual property infringement claim; provided such infringement was caused by us;

You must comply with any applicable third-party terms of agreement when using the Services; and

The relevant Operator, and that Operator’s subsidiaries are third-party beneficiaries of these Terms of Service, and that upon your acceptance of these Terms of Service, that Operator will have the right (and will be deemed to have accepted the right) to enforce these Terms of Service against you as a third party beneficiary thereof.

Last updated: September 2025

Thank you for reviewing this policy and welcome to Stablemate. It is the policy of Steady Flow LLC, doing business as Stablemate (“Stablemate,” “we,” “us,” “our,” or the “Services”), to foster a safe, smart, and socially respectful environment for our entire member community (“members” or “you”). This mobile application is built to support skills exchange in a secure setting. We are committed to proactive measures that reduce the risk of violence and manage situations that could lead to harm. All members must cooperate with this policy and comply fully with its guidelines. This policy is regularly updated and enforced to support member safety and community wellbeing. By using the Services, you agree to and accept the terms outlined herein.

SCOPE

Prohibited Conduct: Stablemate does not tolerate violence, threats of violence, unlawful fighting, child abuse, child neglect, or stalking on any private or public property, establishments of any kind, premises, or in any Stablemate activity or program. All unlawful activity such as the use, participation, distribution, or sale or resale of illegal goods, illegal drugs, or weapons is prohibited on the Stablemate mobile application and Services.

DEFINITIONS

Acts of violence: any physical action, whether intentional or reckless, that harms or threatens the safety of another individual on the Stablemate mobile application and Services.
Threat of Violence: any behavior that could be interpreted by a reasonable person as intent to cause physical harm to another individual.
Child abuse: sexual or emotional abuse of a child, and physical injury inflicted on a child by another person, excluding injuries caused by accidental means.
Child neglect: negligent treatment which threatens the child’s health or welfare.
Stalking: a course of conduct directed at an individual that would cause a reasonable person to fear for their safety or the safety of others, or suffer substantial emotional distress.
Labor Trafficking: forced labor or services through coercion, fraud, or force, including debt bondage and involuntary child labor.
Sex Trafficking: exploitation of individuals for sexual purposes, regardless of whether movement across borders occurs.
Drug Trafficking: the global illicit trade involving the cultivation, manufacture, distribution, and sale of substances subject to drug prohibition laws.
Gun Trafficking or Arms Trafficking: illicit trade involving the manufacture, distribution, and sale of firearms or ammunition.
Weapon(s): firearms, ammunition, BB or pellet guns, stun guns, explosives, knives, razors, box cutters, fireworks, hazardous chemicals, or any object used to threaten or commit violence, as defined by applicable law.
Fraud: intentional deception to result in financial or personal gain.
Identity theft: unauthorized use of another person’s identifying information to commit crimes or fraud.
Robbery: theft involving violence or the threat of violence.
Burglary: breaking and entering with intent to commit a crime.
Theft by Deception: obtaining property by deception.
Bribery: offering or receiving a corrupt benefit to influence official action.
Extortion: obtaining property through wrongful use of force, violence, or fear.
Money laundering: disguising criminal proceeds to appear legitimate.
Harassment: aggressive pressure or intimidation in contexts such as workplace, online, religious, racial, or psychological harassment.
Assault: intentionally putting another person in reasonable apprehension of imminent harmful or offensive contact.
Rape: penetration of any kind without consent.
Domestic Violence: also called intimate partner violence (IPV), a pattern of abusive behaviors to maintain power and control over another partner.
Kidnapping: seizing, confining, abducting, or carrying away a person by force or fraud.
Murder: unlawful killing of a human being with malice, as defined by applicable law.
Homicide: the killing of one person by another, lawful or unlawful, as defined by applicable law.
Felony murder: death occurring during the commission of a felony, as defined by applicable law.
Manslaughter: unlawful killing without malice, as defined by applicable law.
Cybercrime: unauthorized access, hacking, phishing, ransomware, denial-of-service attacks, malware distribution, or digital fraud.
Embezzlement: theft or misappropriation of funds placed in one’s trust or belonging to an employer or organization.
Insider Trading: buying or selling securities based on material nonpublic information.
Tax Evasion: willful attempt to evade or defeat taxation obligations.
Corruption: abuse of entrusted power for private gain, including government corruption.
Terrorism: use of violence or intimidation to advance political, ideological, or religious objectives.
Rioting and Civil Disorder: participation in violent public disturbances causing harm or damage.
Organized Crime: membership or participation in a structured group engaging in ongoing criminal activity.
Hate Crimes: criminal acts motivated by protected characteristics such as race, ethnicity, religion, gender, sexual orientation, or disability.
Sexual Harassment: unwanted sexual advances or conduct creating a hostile environment.
Child Exploitation: production, distribution, or possession of child sexual abuse material.
Environmental Crimes: illegal dumping, hazardous waste disposal, wildlife trafficking, poaching, or pollution violations.
Public Corruption: misconduct by government officials including kickbacks, nepotism, or bid-rigging.
Espionage: obtaining or disclosing sensitive information without authorization, including corporate espionage.
Forgery: falsification of documents, signatures, checks, or identification for gain.
Counterfeiting: unauthorized reproduction of money, documents, goods, or securities.
Arson: deliberate setting of fires to property or land.
Human Rights Violations: crimes against humanity, torture, or persecution based on identity.
Catch-All Clause: any other criminal offense under applicable local, state, federal, or international law not explicitly listed here remains prohibited on the Stablemate platform.

REPORTING VIOLENCE

Any individual who experiences or observes a threat or act of violence, or a weapon, must immediately notify local law enforcement (call 911 in the U.S.). Stablemate also encourages members to seek support from trusted contacts or community resources.

Stablemate will handle reports confidentially, disclosing information only when appropriate. Members must promptly report violations or suspected violations of this policy to us. In emergencies, call local authorities first.

RETALIATION

This policy prohibits retaliation against anyone who reports a violation in good faith. Stablemate will not tolerate intentional false reporting. A complaint made in good faith that results in “no violation” is not a false report. False or malicious allegations may result in disciplinary action, including account suspension.

INVESTIGATIONS AND OUTCOMES

For Steady Flow employees: disciplinary action up to termination of employment or permanent removal from premises.
For Stablemate members: account suspension.

Matters that violate state or federal law, or repeated member violations, may be referred to law enforcement.

CONFIDENTIAL RESOURCES

Within the Stablemate mobile application, some licensed professionals may offer counseling services. These professionals are independent contractors and not agents of Stablemate. Counseling is confidential, voluntary, and intended for personal benefit. Talking to these professionals does not constitute reporting to Stablemate. Members seeking such services should contact providers directly through the app or other channels.

YOUR RIGHTS

Members are entitled to make their own decisions in life, liberty, and the pursuit of happiness. No entity should exert overbearing power, belittle, or dictate livelihood. Rights remain the member’s to exercise, consistent with applicable law.

QUESTIONS

Please include your full name, primary email, and question in any inquiry. A qualified professional will review and respond promptly.

Last updated: September 2025

Thank you for reviewing this policy and welcome to Stablemate. We are committed to identifying, preventing, and addressing human rights risks and impacts related to our mobile application. This Human Rights Policy is part of Steady Flow, LLC, doing business as Stablemate (“Stablemate,” “we,” “us,” or “our”) and expands upon our code of conduct. It outlines our shared responsibility to treat all people with fairness, dignity, and respect. These values apply both within Stablemate and to everyone we interact with. While this policy is rooted in broader human rights principles, within the Stablemate community, it applies to all members, based on their participation and conduct within the app.

Our community practices are built on three pillars:

Fairness: We commit to equitable treatment of all members and stakeholders.
Dignity: We uphold the inherent worth of every person interacting with our platform.
Respect: We foster an environment of mutual regard and professionalism.

We make the following seven human rights commitments:

We operate in a way that respects the rights and dignity of all people and complies with all applicable legal requirements.
We honor internationally and nationally recognized human rights, including those outlined in the International Bill of Human Rights and the ILO Declaration on Fundamental Principles and Rights at Work.
We accept our responsibility to respect human rights and avoid complicity in human rights violations, as stated in the UN Guiding Principles on Business and Human Rights.
We treat all Stablemate members fairly and without discrimination. Our team members, contractors, and partners deserve a professional environment that protects their rights and dignity.
We respect the freedom of association. When Stablemate members choose to be represented, we engage with their chosen representatives in good faith and within the law.
We are mindful of the rights of people in communities affected by our operations. We work to identify, minimize, and address any adverse human rights impacts.
We encourage suppliers and partners to uphold these same principles. By doing so, we aim to elevate the quality of life for all involved.

We understand that delivering a safe, smart, and social mobile experience is both a public good and a complex challenge, especially in regions affected by violence or instability. Should our operations cause or contribute to adverse impacts, we are committed to remediation and accountability. While there is no perfect solution to every conflict, we believe that by facing our challenges together, we can create lasting, meaningful change for the betterment of all.

Have a question about our Human Rights Policy? Please include your full name, email, and question. After your message is submitted, a qualified professional will review and respond to assist. Thank you for your time in reviewing our policy. We wish you all the best.

Last updated: September 2025

Thank you for reviewing this policy and welcome to Stablemate. It is the initiative of Steady Flow LLC, doing business as Stablemate (“Stablemate,” “us,” “we,” “our,” “Services”), to provide our member community (collectively, “you,” “yours,” “people,” “members”) a safe, smart, social, skills exchange mobile application for all members. Stablemate promotes measures aimed at reducing incidents of harassment and the management of situations that may lead to violence. All members of the Stablemate community shall cooperate to maintain a safe, smart, social service and shall comply with this policy. This policy is routinely updated and enforced for your safety on the Services website and mobile application. By accepting our Terms of Service and accessing the Services in any manner, you acknowledge that you accept the practices and policies outlined in this policy and you consent to the terms described here.

Kindly note: please review the Violence Prevention Policy along with this policy for additional information you may find useful.

WHAT IS HARASSMENT

Harassment: misconduct that includes unwelcome physical, verbal, or non-verbal conduct which results in a person feeling intimidated, threatened, humiliated, or demeaned, and is likely to interfere with an individual’s work, education, or living conditions. Harassment in any form, based on sex, race, color, age, national origin, ethnicity, ancestry, physical or mental disability, medical condition, genetic information, pregnancy, marital status, religion, gender, gender expression or gender identity, sexual orientation, military or veteran status, or any other characteristic protected by state or federal laws (“protected characteristics”), is unlawful and strictly prohibited, as are all forms of sexual intimidation, exploitation, and violence.

Steady Flow LLC and Stablemate are committed to educating the community in ways to prevent its occurrence. Complaints concerning sexual and gender-based discrimination, harassment, and sexual misconduct can be reported to local and state authorities and may result in arrest and civil or criminal sanctions.

CONDUCT BECOMES UNLAWFUL HARASSMENT WHEN:

Enduring the offensive conduct becomes a condition of continued employment; or
The conduct is sufficient to create a work or academic environment that a reasonable person would consider intimidating, hostile, or abusive.

Anti-discrimination laws also prohibit harassment in retaliation for filing a discrimination claim, testifying, or participating in any way in an investigation, proceeding, or lawsuit under these laws; or for opposing employment practices reasonably believed to be discriminatory. Petty slights and annoyances do not rise to the level of illegality.

Examples of offensive conduct include: offensive jokes, slurs, epithets or name-calling, physical assaults or threats, intimidation, ridicule or mockery, insults or put-downs, offensive objects or pictures, and interference with work or academic performance.

INVESTIGATION AND ENFORCEMENT

Steady Flow LLC, doing business as Stablemate, will conduct a fair, timely, and thorough investigation into member complaints within the scope of this policy to determine what occurred and will take reasonable steps to remedy the effects of any harassment and prevent recurrence. This may include account suspension of offenders and informing victims to contact local authorities and, if needed, to seek or retain legal services. Stablemate provides all parties with appropriate due process and reaches reasonable conclusions based on the evidence collected or reported by the member. Stablemate takes appropriate action when warranted.

For our employees, Stablemate requires training regarding harassment, violence, and the prevention of abusive conduct, consistent with federal and state legal requirements. Stablemate recommends that third parties and members also participate in such training at their discretion.

Behavior intended to dishonor protected characteristics is contrary to the pursuit of inquiry and education and may be discriminatory harassment and unlawful. Some behavior intended to harass, while inappropriate and not tolerated on the Stablemate platform, may not be unlawful. These behaviors may be addressed for members through the disciplinary process and for employees through supervisory intervention. Disciplinary outcomes may include suspension for a period of time. Every complaint is considered based on the totality of the circumstances. A single incident, if severe, may constitute harassment.

EXAMPLES OF BEHAVIORS THAT MAY CONSTITUTE HARASSMENT:

A disabled member is not respected equally to others because of a lack of mobility and is teased or belittled by offensive remarks and commentary.
A member tells another member racially offensive jokes within a meeting.
A member is ostracized by others because of their national origin or religion.
Making or using derogatory comments, epithets, slurs, or jokes based on age, gender, race, and other protected characteristics toward any member of the Services or in public.

SCOPE

This policy applies to all entities, website visitors, and mobile application members of the Steady Flow LLC and Stablemate community (citizens, professionals, students, volunteers, interns, vendors, independent contractors, persons performing services under contract with Stablemate, visitors, and any other individuals regularly or temporarily employed, studying, living, visiting, or otherwise participating on, in, or with the Stablemate website and mobile application). This policy applies to conduct occurring on Stablemate-controlled property and at sponsored events, programs, and activities regardless of location.

Members of the Steady Flow LLC and Stablemate community are encouraged to report unlawful harassment regardless of where the incident occurred or who committed it. Even if Stablemate does not have jurisdiction over the person accused of harassment, Stablemate will take prompt action and reasonable steps to remedy the effects of the harassment and prevent recurrence where capable.

Age eligibility: All members and visitors must be at least 18 years of age, or higher where local jurisdiction requires.

PROHIBITION AGAINST RETALIATION

No member of the Stablemate community will be retaliated against for making a good-faith report of harassment or for participating in an investigation or proceeding conducted by Stablemate or by a state or federal agency. Overt or covert acts of retaliation, reprisal, interference, discrimination, intimidation, or harassment against an individual or group for exercising rights under federal and state laws are unlawful. Stablemate will take steps to prevent retaliation and will take prompt and appropriate corrective action if retaliation occurs. Individuals who violate this policy may be subject to account suspension.

PRIVACY

Stablemate will maintain the privacy of all individuals involved in a report of harassment to the extent possible, in accordance with the company’s Privacy Policy. Privacy generally means that information related to a report of harassment will be shared only with individuals who have a need to know. These individuals will be discreet and will respect the privacy of all involved.

CONFIDENTIALITY

Confidentiality means that information shared with designated officers, executives, and employees will not be revealed to others without the express permission of the reporting individual. These professionals are prohibited from breaking confidentiality unless there is an imminent threat of harm to self or others or as otherwise permitted by law. When a report involves suspected abuse of a minor under the age of 18, these confidential resources are required by state law to notify child protective services and/or local law enforcement.

CONFIDENTIAL RESOURCES

Within the Stablemate mobile application, some members of the community, by their profession, offer skills and services for counseling. These professionals are independent contractors and licensed professionals who use the Services at will. They have their own mechanisms for resolving a person’s needs or complaints. These confidential counseling services are intended for the personal benefit of the individual and offer a setting where various courses of action can be explored. Talking to these professionals does not constitute reporting an incident to Stablemate. Members working with these providers remain under their independent evaluation and advice.

YOUR RIGHTS

You are entitled to make your own decisions in life, liberty, and the pursuit of happiness. No single entity should have overbearing power over you, belittle you, or dictate your livelihood. Your rights remain yours to exercise.

HAVE A QUESTION REGARDING OUR ANTI-HARASSMENT POLICY?

Please provide your full name, primary email, and questions. After you send your message, we will review it promptly and a suitable professional with capacity, not AI technology or bots, will respond accordingly. Thank you for your time in reviewing our Anti-Harassment Policy. We wish you all the best, always.

Last updated: September 2025

Thank you for reviewing this policy and welcome to Stablemate. It is the initiative of Steady Flow LLC, doing business as Stablemate (“Stablemate,” “we,” “us,” “our”), to provide our community with a safe, smart, social, skills exchange platform for our members. Stablemate promotes measures aimed at reducing incidents of fraud and the management of situations that may lead to fraud. All members of the Stablemate community shall cooperate to maintain a safe, smart, social service and shall comply with this policy. This policy is routinely updated and enforced for your safety as a member of the Services website and mobile application. By accepting our Terms of Service and accessing the Services in any manner, you acknowledge that you accept the practices and policies outlined in this policy and you consent to the terms described in this policy.

OUR PURPOSE

We are aware of the fraud epidemic in the United States of America and we recognize that fraud can happen to any entity. Please know that we do not have any effect on individuals or their day-to-day decisions, operations, practices, and livelihoods. Members who use our services vow to do what is right and help others succeed.

We hope members are kind to one another.

We hope members help each other advance respectfully.

We hope members move forward with accountability for their actions, notions, motives, and purpose.

We ask that you report any type of fraudulent activity in any industry to local authorities as soon as it happens or as soon as it is safely and securely possible for you.

Collectively, as a society we all pay for fraudulent activity of any kind in any profession or industry.

OUR AUTHENTICITY

If you doubt the authenticity of any type of correspondence claiming to originate from Steady Flow LLC, doing business as Stablemate, please contact us at legal@stablemate.app. This alerts the company to potential fraud, scamming, or phishing activity and allows it to be investigated and remediated if necessary on our end.

We are aware of numerous forms of fraudulent correspondence including, but not limited to:

Romance or confidence fraud: deceptive relationships for personal or financial gain.
Digital payment fraud: abuse of any technology platform for unauthorized payments.
Mobile app fraud: misleading members regarding rewards, gains, or representations.
Telephone scams: including robocalls and calls attempting to voice record you.
Fax scams: fraudulent messages via fax machine.
Text scams: SMS alerts or deceptive messages.
Email scams: fraudulent or phishing email activity.
Postal mail scams: circulation of fraudulent notices or letters.
Promotional/marketing scams: fake contests, games, or incentives.
Employment fraud: fake jobs, recruitment scams, or workplace fraud.
Paid/incentivized reviews: misleading reviews from corporations or professionals.
Streaming fraud: manipulation of music, video, or film streams.
Education fraud: scams involving tuition, grants, housing, or admissions.
Rental scams: fake offers for homes, vehicles, or equipment.
Charity scams: nonprofit donation fraud.
Warehouse shrinkage: internal theft of inventory.
Cargo theft: theft of transported goods.
Insurance fraud: false billing across insurance types.
Payroll embezzlement: theft from payroll systems.
Refund/return fraud: embezzlement during customer refunds.
Point of sale fraud: employee overcharging or undercharging customers.
Impersonation scams: fake legal letters, billing services, or notices.
Invoice fraud: inflated or fabricated billing across professions.
Funeral/cemetery fraud: misrepresentation in burial or funeral services.
Phishing/social engineering: deceptive messages, QR codes, or fake calls seeking credentials or payments.
Account takeover: credential stuffing, SIM swapping, or port-out fraud.
Payment card fraud: stolen cards, chargeback abuse, triangulation schemes.
Business email compromise: vendor impersonation or fake change-of-bank instructions.
Check/ACH fraud: altered or counterfeit checks, unauthorized debits.
Cryptocurrency scams: fake investments, wallet draining, or exchange impersonation.
Affiliate/advertising fraud: click fraud, fake installs, spoofed leads.
Promo/loyalty abuse: coupon or referral gaming.
Marketplace/escrow fraud: overpayment or shipping label scams.
Document/identity fabrication: forged IDs or synthetic identities.

These forms of bribes, scams, fraud, and stealing are circulating at an alarming rate and may appear in several different languages. They often include actual or identical logos, photos, links, or other information taken directly from an official website, company, application, social media account, or similar source.

OUR POSITION

Our security team will work with law enforcement to make every effort to stop such frauds or scams. We cannot stop them all and at times need your help. Please speak up if you see, suspect, or encounter suspicious activity on our platform or in our community. Please do not involve us in your legal case, filed claims, or list us as a witness if entirely unrelated. This does not limit our obligation to comply with lawful process.

Be advised that our services, specifically Stablemate, and any employers, partners, executives, independent contractors of Steady Flow LLC, Stablemate members, or third-party partner organizations do not:

Request administrative fees.
Host internet lotteries or offer prizes of any kind through email, postal mail, telephone, fax, or in person.
Request registration fees for conferences or summits.
Request information about bank accounts or other private information through unsolicited outreach.
Approach individuals in person offering grant opportunities.
Solicit donations at any time.
Offer investment opportunities.

RESEARCH THE FTC

For more information about the Federal Trade Commission’s efforts against fraud or to file a complaint, please visit the FTC’s resources, including the Division of Privacy and Identity Protection. You may also use the official reporting portal at Report fraud to the FTC and the Federal Trade Commission homepage.

HAVE A QUESTION REGARDING OUR ANTI-FRAUD POLICY?

Please include your full name, primary email, and your question. After your message is submitted, a qualified team member, not an automated bot, will respond promptly and professionally. Thank you for reviewing our Anti-Fraud Policy.

Last updated: September 2025

This Agreement ("Agreement") is made and entered into as of the date an authorized representative of a Covered Entity accepts this Agreement, and is between the Covered Entity ("Covered Entity") and Steady Flow, LLC d/b/a "Stablemate" ("Business Associate"), a limited liability company. WHEREAS, Business Associate provides an online resource and mobile application ("Offering"); and WHEREAS, Covered Entity wishes to engage, or has engaged, Business Associate in connection with said Offering, NOW, THEREFORE, in consideration of the premises and mutual promises herein contained, it is agreed as follows:

Applicability.

This Agreement applies only if you are a Covered Entity or a Business Associate under HIPAA and you use the Services to create, receive, maintain, or transmit Protected Health Information ("PHI") on your behalf. If you are not a Covered Entity or Business Associate, or you do not use the Services with PHI, this Agreement does not apply.

By indicating acceptance through Stablemate’s designated acceptance mechanism, the parties consent to electronic signatures and records for all purposes, and confirm that the signatory has authority to bind the Covered Entity or Business Associate.

Recital: Understanding of HITECH Goals (Non-Binding)

The Health Information Technology for Economic and Clinical Health Act (HITECH Act) is part of the American Recovery and Reinvestment Act of 2009. Its purpose is to encourage the use of electronic health records (EHR) and supporting technologies toward five goals for the U.S. healthcare system: (1) improve care coordination and public health; (2) reduce healthcare disparities; (3) improve quality, safety, and efficiency; (4) ensure privacy and security; (5) engage patients in their care.

Definitions

Agent: As determined under the federal common law of agency.
Breach: As defined in 45 CFR § 164.402.
Business Associate: Steady Flow, LLC.
Covered Entity: An entity that meets the definition in 45 CFR § 160.103 and uses the Services to create, receive, maintain, or transmit PHI.
Data Aggregation: As defined in 45 CFR § 164.501.
Designated Record Set: As defined in 45 CFR § 164.501.
Disclosure / Disclose: As defined in 45 CFR § 160.103.
Electronic Health Record: As defined in Section 13400 of the HITECH Act.
Health Care Operations: As defined in 45 CFR § 164.501.
HIPAA Rules: The Privacy, Security, Breach Notification, and Enforcement Rules at 45 CFR Parts 160 and 164.
HITECH Act: The Health Information Technology for Economic and Clinical Health Act, part of the American Recovery and Reinvestment Act of 2009.
Individual: As defined in 45 CFR § 160.103, including personal representatives under 45 CFR § 164.502(g).
Minimum Necessary: As required by 45 CFR § 164.502(b) and § 164.514(d)(1).
Privacy Rule: Standards at 45 CFR Parts 160 and 164, Subparts A and E.
Protected Health Information (PHI): As defined in 45 CFR § 160.103, limited to information created, received, maintained, or transmitted by Business Associate on behalf of the Covered Entity.
Required By Law: As defined in 45 CFR § 164.103.
Secretary: The Secretary of the Department of Health and Human Services or designee.
Security Incident: As defined in 45 CFR § 164.304.
Security Rule: Standards at 45 CFR Parts 160 and 164, Subparts A and C.
Subcontractor: An entity that creates, receives, maintains, or transmits PHI on behalf of a business associate under 45 CFR § 160.103.
Unsecured PHI: As defined in 45 CFR § 164.402.
Use: As defined in 45 CFR § 164.103.

Obligations and Activities of Business Associate

Not Use or Disclose PHI other than as permitted or required by this Agreement or as Required By Law.
Implement administrative, physical, and technical safeguards to reasonably and appropriately protect PHI in accordance with the Security Rule and Section 13401 of HITECH. This includes access controls, encryption (in transit and at rest where feasible), logging, and workforce training.
Mitigate harmful effects of improper Uses or Disclosures of PHI to the extent practicable.
Report to Covered Entity any Use or Disclosure not provided for by this Agreement. If the event is a Breach of Unsecured PHI, report within ten (10) business days of discovery, and include content consistent with 45 CFR § 164.410(c). If Business Associate acts as an Agent, report immediately and no later than one (1) business day after awareness.
For other compromises, report within twenty (20) business days of discovery.
Ensure subcontractors agree in writing to HIPAA-required restrictions and conditions. Provide copies, summaries, or attestations of such agreements to the Covered Entity within ten (10) business days of request, with commercially sensitive terms redacted as appropriate.
Provide Covered Entity or Individuals access to PHI in a Designated Record Set promptly, to enable Covered Entity’s compliance with 45 CFR § 164.524 timelines.
Accommodate amendments to PHI promptly, to enable Covered Entity’s compliance with 45 CFR § 164.526 timelines.
Make available Compliance Information to the Secretary for audit. If also requested by Covered Entity, Business Associate may provide redacted or summarized Compliance Information sufficient to demonstrate compliance, protecting sensitive information.
Maintain documentation of Disclosures to permit accounting under 45 CFR § 164.528 and provide such documentation to Covered Entity within five (5) business days of request.
Redirect Individuals requesting access, amendments, or accountings to the Covered Entity unless expressly permitted otherwise.

Permitted Uses and Disclosures by Business Associate

Use or Disclose PHI as necessary to perform services for Covered Entity, consistent with HIPAA Rules.
Use PHI for Business Associate’s proper management and administration or to carry out its legal responsibilities.
Disclose PHI for proper management and administration if Required By Law or if recipient provides assurances of confidentiality and reports breaches back to Business Associate.
Provide Data Aggregation services to Covered Entity for Health Care Operations, only as expressly authorized in writing.
Report violations of law to Federal or State authorities consistent with 45 CFR § 164.502(j)(1).
De-identify PHI per 45 CFR § 164.514(a)-(c). De-identified data may be used lawfully.
Follow the Minimum Necessary principle at all times.

Obligations of Covered Entity

Notify Business Associate of privacy practices or restrictions under 45 CFR § 164.520 or § 164.522 that affect BA’s use of PHI.
Notify BA of any changes in permissions or revocations of authorization by Individuals that affect PHI use.
Provide notice of restrictions that must be honored under Section 13405(a) of the HITECH Act.
Provide information to BA as necessary for compliance with HIPAA accounting requirements.
Not require BA to Use or Disclose PHI in any way impermissible under HIPAA Rules.

Term and Termination

Term: Effective upon acceptance by an authorized representative of the Covered Entity, continuing until all PHI is returned or destroyed, unless infeasible.

Termination for Cause: Either party may terminate if the other materially breaches and fails to cure. If cure is not possible, the non-breaching party may report to the Secretary.

Effect of Termination: Upon termination, BA shall return or destroy all PHI within thirty (30) days, unless infeasible. If infeasible, BA shall notify Covered Entity within ten (10) business days and extend protections indefinitely.

Governing Law & Dispute Resolution

Governed by Federal Arbitration Act and applicable Federal law regarding HIPAA. For contract formation and interpretation, governed by the laws of New York. Disputes shall be resolved by binding arbitration under AAA Commercial Arbitration Rules in New York, NY. If Covered Entity is a governmental body or arbitration is legally prohibited, disputes shall instead be resolved in state or federal courts in New York, NY.

Miscellaneous

Regulatory References: References to HIPAA or HITECH provisions mean the current versions as amended.
Amendment: Parties shall amend this Agreement as needed to comply with law.
Survival: Rights and obligations that by their nature should survive termination shall remain in effect.
Interpretation: Any ambiguity shall be resolved to permit compliance with HIPAA and HITECH.
Severability: If any provision is unlawful, void, or unenforceable, the remainder shall remain in effect.

Last updated: September 2025 DEFINITIONS

Agreement: The agreement between Stablemate and the User for use of the Services. This DPA sets the rules under which Stablemate processes Personal Data on behalf of the User. In this DPA the User is the Controller (typically a business customer), which is distinct from a member.

Controller: The natural or legal person which determines the purposes and means of the processing of Personal Data. In this DPA the User is the Controller.

Processor: The natural or legal person which processes Personal Data on behalf of the Controller. In this DPA Stablemate is the Processor.

Personal Data, Processing, Data Subject, Supervisory Authority, Personal Data Breach: Have the meanings given in Regulation (EU) 2016/679 (GDPR). Where relevant, references include the UK GDPR and applicable Swiss law.

Services: The services provided by Stablemate to the User as set out in the Agreement.

Sub-processor: Any processor engaged by Stablemate that processes Personal Data on behalf of the User.

SUBJECT MATTER, DURATION, AND PURPOSE

Subject matter: Stablemate will process Personal Data solely to provide and improve the Services, to secure the Services, and to perform obligations under the Agreement.

Duration: This DPA starts on the effective date of the Agreement and ends automatically when the Agreement ends and Stablemate has deleted or returned Personal Data in accordance with this DPA.

Purpose limitation: Stablemate will not process Personal Data for any purpose other than those documented by the User in the Agreement and this DPA, unless required to do so by applicable law. In that case Stablemate will inform the User before processing unless the law prohibits such notice.

DATA PROCESSING DETAILS (ARTICLE 28(3) GDPR)

Nature of processing: Hosting, storage, transmission, organization, retrieval, analytics for service performance, customer support, and security monitoring.

Categories of Data Subjects: The User’s members and end users whose contact details or account data the User chooses to sync or input into the Services, and the User’s authorized personnel who administer the account.

Types of Personal Data: Contact data (name, email, phone), account identifiers, profile data provided by the User, in-app communications metadata, support correspondence, and other data the User elects to upload or connect through the Services. The Services are not intended to collect special categories of data unless the User has a lawful basis and provides documented instructions.

Retention: Stablemate keeps Personal Data for the term of the Agreement or as otherwise instructed by the User, and deletes or returns Personal Data at termination, subject to lawful retention obligations.

CONTROLLER OBLIGATIONS

The User is responsible for the accuracy, quality, and lawfulness of Personal Data and the means by which it was acquired, and for complying with Controller obligations under applicable data protection laws.

The User will provide documented instructions for processing. Stablemate will promptly inform the User if, in its opinion, an instruction infringes applicable data protection law.

The User will manage and respond to Data Subject requests, supervisory inquiries, and notices, with Stablemate’s assistance as set out below.

PROCESSOR OBLIGATIONS

Processing on documented instructions only: Stablemate will process Personal Data only on the User’s documented instructions, including with respect to transfers, unless required by law.

Confidentiality: Stablemate will ensure persons authorized to process Personal Data are bound by confidentiality obligations.

Security: Stablemate will implement appropriate technical and organizational measures to protect Personal Data against accidental or unlawful destruction, loss, alteration, unauthorized disclosure, or access, taking into account the state of the art, implementation costs, and the nature, scope, context, and purposes of processing. Measures include access controls, encryption in transit and at rest where feasible, logical segregation, vulnerability management, logging and monitoring, secure development practices, and workforce training.

Sub-processors: Stablemate may engage Sub-processors. Stablemate will impose data protection obligations on Sub-processors that are no less protective than those in this DPA and remains liable for their performance. The current Sub-processor list is maintained in the Sub-Processor Report section of the Legal Center. The User may subscribe to updates as available.

International transfers: Where Stablemate or a Sub-processor processes Personal Data outside the EEA, the UK, or Switzerland, Stablemate will ensure an adequate transfer mechanism is in place, such as the EU Standard Contractual Clauses (SCCs), the UK International Data Transfer Addendum (IDTA), or other lawful transfer tools.

Assistance: Taking into account the nature of processing, Stablemate will assist the User by appropriate technical and organizational measures, insofar as possible, for the fulfillment of the User’s obligations to respond to Data Subject requests, perform data protection impact assessments, and consult with supervisory authorities where required.

Records and information: Stablemate will make available to the User information necessary to demonstrate compliance with Article 28 GDPR and this DPA.

Audit: On reasonable prior written notice and no more than once in any 12 month period, the User may audit Stablemate’s compliance with this DPA. Audits will occur during normal business hours, in a manner that does not unreasonably disrupt operations, and may be satisfied by current third party certifications or summary audit reports. The User and any auditor must be bound by confidentiality. Reasonable time spent by Stablemate to support on-site audits may be charged at rates agreed in advance in writing.

PERSONAL DATA BREACH NOTIFICATION

Stablemate will notify the User without undue delay after becoming aware of a Personal Data Breach affecting Personal Data processed on the User’s behalf, consistent with Article 33(3) GDPR. The notification will include available information to help the User meet its breach reporting obligations, including the nature of the breach, the categories and approximate number of Data Subjects, likely consequences, and measures taken or proposed to address the breach.

DATA SUBJECT REQUESTS

Stablemate will, to the extent permitted by law, notify the User of any request received directly from a Data Subject. Stablemate will not respond to such a request without the User’s documented instruction, except to confirm that the request relates to the User.

RETURN AND DELETION OF DATA

At termination of the Services, at the User’s choice, Stablemate will delete or return all Personal Data and delete existing copies, unless applicable law requires storage. Where deletion is not feasible, Stablemate will continue to protect the Personal Data and will not actively process it further.

SUB-PROCESSING

Consent: The User gives general authorization for Stablemate to engage Sub-processors to support the Services.

Notice of changes: Stablemate will post updates to its Sub-processor list in the Legal Center. The User may object on reasonable data protection grounds within 30 days of notice. If the parties cannot reach a resolution, the User may suspend the affected processing or terminate the relevant Services in accordance with the Agreement.

Examples of Sub-processors include infrastructure, communications, analytics, and payment providers listed in the Sub-Processor Report.

LIABILITY AND INDEMNITY

Each party is liable for its own acts and omissions and for those of its direct processing chain to the extent required by applicable law. As between the parties and subject to any limitations of liability in the Agreement, Stablemate will be liable for damages caused by processing where it has not complied with obligations of GDPR specifically directed to processors or where it acted outside or contrary to the User’s lawful instructions.

Any allocation or contribution between the parties for joint liability shall be in accordance with applicable law and the Agreement.

GOVERNING LAW AND JURISDICTION

This DPA is governed by the laws specified in the Agreement. Where required for the validity or interpretation of the EU Standard Contractual Clauses or other mandated transfer instruments, the governing law and forum in those instruments will apply for those purposes.

Nothing in this section limits the rights of Data Subjects or Supervisory Authorities under applicable law.

ORDER OF PRECEDENCE

If there is any conflict between this DPA and the Agreement with respect to the processing of Personal Data, this DPA controls. If there is any conflict between this DPA and the Standard Contractual Clauses or other mandatory transfer instruments, those instruments control for the conflicting terms.

MISCELLANEOUS

Severability: If a provision of this DPA is held invalid or unenforceable, the remaining provisions remain in full force and effect. The parties will replace the invalid provision with a valid provision that achieves the purpose of the original.

Amendment: The parties will work together in good faith to amend this DPA to address changes in data protection law or guidance that materially impact the Services.

Contact: Questions about this DPA can be directed to support@stablemate.app. Please include your name, organization, and a clear description of your request.

ANNEX A - TECHNICAL AND ORGANIZATIONAL MEASURES (SUMMARY)

Access control: Role based access, unique IDs, strong authentication, least privilege, periodic access reviews.

Data security: Encryption in transit using TLS, encryption at rest where feasible, key management aligned with industry practice, logical separation of customer data.

Operational security: Vulnerability management, change management, logging and monitoring, incident response with defined roles and testing.

Physical and environmental security: Data center safeguards provided by reputable hosting providers.

Business continuity and disaster recovery: Backup and recovery procedures, redundancy appropriate to the Services.

Personnel security and training: Background checks where permitted, confidentiality agreements, recurring privacy and security training.

Third party management: Risk based due diligence, contractual obligations for data protection, and ongoing supplier oversight.

Last updated: September 2025

At Stablemate, trust is essential. We work to provide a reliable mobile application that protects your data and respects your privacy. Security is applied in layers through policies, procedures, technical controls, monitoring, and review. We coordinate with qualified partners and independent professionals who provide guidance and help validate security practices across our organization and products.

INFORMATION TECHNOLOGY SECURITY PROTOCOLS

Data network and providers. The Stablemate mobile application uses Firebase on Google Cloud infrastructure hosted in ISO/IEC 27001 certified data centers. Domains, DNS, and public websites are provided through Namecheap. Distribution on iOS is provided through Apple. Payments are processed by Stripe, which maintains Payment Card Industry Data Security Standard (PCI DSS) validation. Communications and messaging services are supported by Twilio. These providers are leaders in their fields and supply documented security controls.

Design and development. We apply privacy by design and privacy by default. Code changes are reviewed, tested, and deployed through controlled processes. We use secure development practices, dependency management, and routine vulnerability review.

SECURITY FEATURES AND MEMBER CONTROLS

Members can manage account settings and profile information within the application. Stablemate applies standard controls intended to reduce social engineering risks and improve security awareness in the community. We encourage members to keep devices updated and to use strong, unique credentials.

COMPLIANCE AND ASSURANCE

Stablemate maintains internal information security controls that are reviewed on a recurring basis. The following frameworks and programs inform our approach. Where applicable, we align our practices with these requirements and rely on our service providers for their certified controls.

HIPAA (Health Insurance Portability and Accountability Act) privacy and security safeguards, supported by Business Associate Agreements where applicable
Namecheap service management commitments for domains and hosting
Google Cloud and Firebase security and data management controls
Apple App Store distribution and platform privacy requirements
Stripe PCI DSS validated payment processing
Twilio communications security and privacy controls for messaging services
AICPA criteria for trust and accountability, progress tracked
TRUSTe program guidance for privacy risk management, progress tracked
ISO/IEC 27001 information security management system controls, progress tracked

At this time, we choose to make the Services available within the United States. We will update this notice if our operating regions change.

THIRD PARTIES AND SUB-PROCESSORS

We publish a current list of sub-processors in the Legal Center, which includes core providers such as Google, Apple, Stripe, Namecheap, and Twilio. These providers are bound by contracts that require appropriate security and privacy protections. Material changes to third party processing will be reflected in that list and, where required, we will provide notice.

INCIDENT RESPONSE

We maintain procedures for detecting, investigating, and responding to security incidents. If we become aware of an event that affects your data, we will act in accordance with our legal obligations and our data protection agreements, including providing notice to members when required.

CONTACT

Questions about this Security Notice may be sent to support@stablemate.app. Please include your full name, primary email, and a clear description of your question. A qualified team member will respond.

Last updated: September 2025

Steady Flow, LLC, doing business as Stablemate (“Stablemate,” “we,” “our,” or “us”) permits providers, third-party developers, partners, and the media (“you,” “users,” “providers”) to use its name, trademarks, logos, webpages, screenshots, and other brand features (collectively, the “Brand Features,” “Marks,” or “Guidelines”) only in limited circumstances and as specified in these policies. By using Stablemate Marks, you agree to adhere to these policies and to the Use Requirements and Terms below. If you have a separate agreement with Stablemate that addresses the use of Stablemate Brand Features, that agreement governs. Terms used but not defined here (such as “Stablemate” and “Services”) have the meanings given in the Services Agreement. For any proposed use of the Stablemate name or logos in publications or other media, submit a professional proposal describing purpose and use to support@stablemate.app.

“Stablemate” and the Stablemate logo are registered, pending, or common-law trademarks of Steady Flow, LLC and its affiliates in the United States (U.S.) and, where applicable, other countries. Include appropriate trademark attribution with your other trademark and copyright notices. When referring to our services, “Stablemate” should be written as one word and used as an adjective followed by a generic descriptor, for example:

Stablemate®
Stablemate™

The Stablemate name should always be accompanied by either the ® or ™ symbol as appropriate. You may not use any Stablemate Marks unless you agree to and comply with this policy and any applicable agreement with Stablemate.

PERMISSION TO USE STABLEMATE INTELLECTUAL PROPERTY

Stablemate Marks are important assets of our business and are protected by U.S. and international laws. We license the Marks on a non-exclusive, non-transferable basis for use on websites or applications that utilize the Services, subject to this policy. We may supervise, monitor, and revoke your license at any time at our discretion. Your license also terminates upon your non-use or cancellation of the Services. Upon termination, promptly remove Stablemate Marks from websites, mobile applications, and other materials.

PROPER USE OF OUR INTELLECTUAL PROPERTY BY YOU

We may provide style or usage guidelines describing size, color, clear space, and placement. Use the Marks consistent with those guidelines unless we expressly agree otherwise in writing. Update your use to conform to guideline changes within a reasonable time after notice.

OUR MEMBER COMMUNITY

Members and providers may use downloadable logos to indicate that they use or associate with the Stablemate platform, website, and mobile application. Any such logo must link to the official Stablemate landing page, not to a personal profile. Use remains subject to this Intellectual Property Policy, the Terms of Service, the Privacy Policy, and any applicable initiatives or agreements with Steady Flow, LLC and Stablemate.

THIRD-PARTY DEVELOPERS OR INDEPENDENT CONTRACTORS

Developers and independent contractors may use downloadable logos to indicate use with the Stablemate platform. The logo must link to the official Stablemate landing page, not to a personal profile. Use is subject to this Intellectual Property Policy, the Terms of Service, the Privacy Policy, and any applicable agreement with Steady Flow, LLC and Stablemate.

PARTNERS

If you have a current agreement with Stablemate (other than an API-only license), you may download logos for use under that agreement and these Guidelines. Partner logo use is subject to the Terms of Service, Privacy Policy, applicable initiatives, your partner agreement, and this Intellectual Property Policy.

MEDIA

Reputable news outlets and established media entities may download Brand Features for reporting on Stablemate. Marks and logos may not be altered, combined with other marks, or used misleadingly. For special requests, email support@stablemate.app with your proposal. Media use is subject to these Guidelines, the Terms of Service, and the Privacy Policy.

VARIOUS USE TYPES

Screenshots and animations. You may use standard screenshots or screen-capture animations of our homepage, landing page, company page, or product pages for instructive or illustrative purposes in print or digital formats. Do not alter the look of the captured image or superimpose graphics. Do not use screenshots of member or provider profile pages that disclose images or personal information unless:

The content is solely your own personal information;
All personal information is obfuscated so individuals cannot be identified;
You have written permission from all identified individuals.

Treatment of personal information is governed by the Stablemate Privacy Policy.

Books or printed materials. Stablemate does not allow the use of its logos or the name “Stablemate” in titles or covers without prior written permission. Send requests to support@stablemate.app.

Film, music, and television. For use of the Stablemate name or logos in audiovisual productions, submit requests with purpose and context to support@stablemate.app.

Blogs and vlogs. Do not use “Stablemate” in titles or headers except as a descriptive reference to the Stablemate website and mobile application. Logo use in blogs and vlogs is limited to permitted uses described in these Guidelines.

Manufactured items. Generally, Stablemate does not permit Marks on manufactured products such as apparel, packaging, or memorabilia without prior written consent. Contact support@stablemate.app for permission requests.

Piracy and infringements. If you encounter suspected infringement, imitation, or knock-offs, report to local authorities where appropriate and email support@stablemate.app with factual details, including a description of events, location, date, items, and any supporting materials. See our Anti-Fraud policy and other legal notices in the Legal Center for additional guidance.

ALL PERMITTED USES OF THE STABLEMATE MARKS MUST CONFORM TO THE FOLLOWING GUIDELINES

Logo display: The Stablemate logo must stand alone with adequate clear space. Maintain a standard area of spacing around the logo in all uses. The mark features a circular form with two offset parentheses-like elements; it also appears as a loading indicator in the product.
Logo and background color: Use the full-color logo for online and mobile application use. Use the teal brand color on a solid black or other approved background per our style guidance. Use high-resolution assets for print. Official assets are available on request.
Logo size: PNG logos may not be enlarged beyond native resolution to avoid degradation. Vector EPS may be scaled as needed. Minimum size is 21 px tall on screen, or 0.25 in (6.35 mm) in print.
No modification: Do not modify the Marks. Do not change colors, proportions, or elements. Do not shorten, abbreviate, or create acronyms from the Marks.
No confusingly similar marks: Do not use the Brand Features in a way that could cause confusion about source, sponsorship, or affiliation.
No incorporation: Do not incorporate the Marks into product names, service names, trademarks, logos, company names, domain names, website titles, application icons, or favicons.
No generic use: Do not use the Marks as common, descriptive, or generic terms.
No plural or possessive use: Do not use the Marks in plural or possessive form.
Domain names: Do not register domain names that include the Marks.
Trade dress: Do not copy or imitate Stablemate’s site or app design, flows, typefaces, distinctive colors, features, or imagery.
Endorsement: Do not display the Marks in a manner that implies endorsement, affiliation, or sponsorship by Stablemate, or that suggests content is authorized by Steady Flow, LLC or Stablemate personnel.
Prominence: Do not display the Marks as the primary or most prominent feature on your materials.
Disparagement: Do not use the Marks in a disparaging or derogatory manner about Stablemate, its products, or services.
Violation of law: Do not display the Marks on sites that contain or promote illegal content, including adult content, unlawful gambling, or sales of tobacco or alcohol to persons under 21, or that otherwise violate law or regulation.
Objectionable use: Do not use the Marks in a manner that is misleading, unfair, defamatory, infringing, libelous, obscene, or otherwise objectionable in Stablemate’s discretion.
Attribution: The Marks must be accompanied by the appropriate ® or ™ symbol. See “Use Outside the U.S.” below.
Use outside the U.S.: Trademark rights vary by country and some jurisdictions restrict the ® symbol. If using the Marks on sites based outside the United States, use the ™ symbol unless otherwise authorized. Stablemate Services are presently limited to the United States.
Termination: Stablemate may direct you to stop using the Brand Features at any time. You agree to cease use within ten (10) business days after request.
Reservation of rights: Stablemate owns all rights in the Marks and reserves all rights not expressly granted.
No warranties: We make no representations or warranties regarding your use of the Marks and disclaim all warranties, including non-infringement.

IMPERMISSIBLE USES OF STABLEMATE MARKS

You may not display, copy, modify, transmit, or otherwise use the Marks except as described in this policy, the Guidelines, or as agreed in writing by Stablemate. Do not use the Marks to imply endorsement by Stablemate or in a manner that causes customer confusion. Do not misrepresent your relationship with Stablemate or use the Marks in relation to goods or services unrelated to the Services. You must promptly comply with any request to cease non-compliant use.

YOUR LIABILITY FOR THIRD-PARTY CLAIMS

You will indemnify Stablemate, its affiliates, and their respective employees and agents for third-party claims arising from impermissible use of the Marks, including claims based on trademark or copyright infringement, dilution, passing off, counterfeiting, or unfair competition, and for related liabilities and reasonable costs. You will cooperate in defense of such claims and acknowledge Stablemate’s authority to control defenses and responses.

OTHER LEGAL PROVISIONS

Except as otherwise agreed in writing, this policy is the entire agreement between you and Stablemate regarding your use of the Marks. We may terminate this policy upon notice. You may not transfer this policy. This policy is governed by the laws and dispute provisions specified in the Services Agreement, which are incorporated by reference. If any provision is held invalid or unenforceable, it will be interpreted to accomplish its objectives to the greatest extent possible and the remaining provisions will continue in full force and effect.

CONTACTING US REGARDING USE

If you have questions or seek permission for a use not described in this policy, contact support@stablemate.app with a description of the proposed use and purpose.

HAVE A QUESTION REGARDING OUR INTELLECTUAL PROPERTY POLICY?

Please provide your full name, primary email, and questions. After you send your message, we will review it promptly and a qualified professional will respond. Thank you for reviewing our Intellectual Property Policy.

Last updated: September 2025

Each quarter, Stablemate publishes a transparency report for our community’s review. This report outlines, in statistical terms, the types of government-related requests we receive and whether we challenge those requests where appropriate. These reports reflect our commitment to transparency and trust.

Scope and methodology

This report covers legal requests for member data or content-related actions that Stablemate receives directly from government entities (local, state, federal, or foreign authorities using established legal channels).
Counts exclude requests sent to our Sub-processors or platform partners (for example, Apple, Google, Stripe, Twilio, or Namecheap) unless those requests are formally transmitted to Stablemate for action.
Where permitted by law, we notify affected members of a request before disclosure, or as soon as legally allowed.

Legal restrictions on disclosure

Some legal processes (for example, National Security Letters and certain Foreign Intelligence Surveillance Act matters) may include nondisclosure obligations that restrict or delay the information we can report. We will continue to advocate for the ability to publish accurate, aggregate information to the extent allowed by law.

Reporting period

Q1 2025 (January 1, 2025 to March 31, 2025)

As of this report, Stablemate received zero (0) government data requests of any kind during the period above. The breakdown is shown below via appropriate legal processes.

Criminal Search Warrant (Probable Cause): Received 0; Challenged 0
Criminal Wiretap Order (Probable Cause): Received 0; Challenged 0
Criminal Pen Register/Trap and Trace (PR/TT): Received 0; Challenged 0
Criminal Subpoena or Similar Process: Received 0; Challenged 0
Emergency Disclosure Requests (EDRs): Received 0; Challenged 0
Preservation Requests (18 U.S.C. § 2703(f) or similar): Received 0; Challenged 0
FISA Order: Search Warrant (Probable Cause): Received 0; Challenged 0
FISA Order: Wiretap (Probable Cause): Received 0; Challenged 0
FISA Pen Register/Trap and Trace: Received 0; Challenged 0
FISA Business Records: Received 0; Challenged 0
FISA Section 702 Directives: Received 0; Challenged 0
National Security Letters: Received 0; Challenged 0
State Governments (non-federal), if any: Received 0; Challenged 0
Foreign Governments, if any: Received 0; Challenged 0

Questions

Have a question about this Transparency Report? Please include your full name, primary email, and your questions. Once submitted, a qualified professional will review and respond. You may also reach us directly at support@stablemate.app.

Last updated: September 2025

This Privacy Policy explains how Stablemate® collects, uses, shares, and protects personal information (“PI”) about members. “Stablemate,” “we,” “us,” or “our” refers to Steady Flow, LLC, doing business as Stablemate. This policy applies to our websites and applications, including stablemate.app, stablemate.me, and the Stablemate mobile applications (collectively, the “Sites and Apps”). It replaces and merges the prior Privacy Policy and Privacy Rights Notice into one unified policy.

Scope and relationship to other notices

Cookie Policy: See our Cookie Policy for cookies and similar technologies. Subprocessors and partners are listed in the Sub-Processor Report (e.g., Google, Apple, Stripe, Twilio, Namecheap).
Security Notice: For technical safeguards and encryption practices, see the Security Notice.
GDPR Notice: For members located in the European Union or European Economic Area, see our General Data Protection Regulation (GDPR) Notice.

Information we collect

We collect PI from the following sources:

Directly from you: identifiers, contact details, account credentials, payment information, communications, and content you submit.
Automatically from your device: IP address, browser type, device identifiers, usage data, geolocation (approximate), and cookie information.
From service providers and partners: analytics, hosting, communications, and payments providers.

How we use information

We use PI to provide, maintain, and secure our Sites and Apps; process bookings and payments; enable member communications; support compliance with laws; improve services through analytics; and honor member preferences. Full details are available in related notices linked above.

Disclosures to service providers and Subprocessors

We disclose PI only to Subprocessors and vendors under written contracts requiring them to protect PI and use it only to provide contracted services. See our Sub-Processor Report for current providers.

Sale and sharing

We do not sell or exchange PI for money, barter, or any other valuable consideration.
If third-party analytics or advertising technologies are used, they may be considered “sharing” under certain U.S. state laws. Opt-out rights are described below and in our Cookie Policy.

Your Privacy Rights

Depending on your state of residence, you may have the following rights under U.S. privacy laws:

Access or know specific pieces of PI we hold about you.
Correct inaccuracies in your PI.
Delete PI we hold about you.
Receive a portable copy of PI.
Opt out of sale or sharing of PI, including cross-context targeted advertising.
Limit the use or disclosure of sensitive PI, where applicable.
Be free from discrimination or retaliation for exercising your rights.
Appeal our decision if we deny a privacy request.

How to exercise your rights

Email: Send requests to support@stablemate.app with the subject line “Privacy Rights Request.”
In-app: Where available, submit requests through Settings › Privacy.

We verify identity before fulfilling requests. If you use an authorized agent (California), we may require proof of authorization and your verification.

Opting out of sale/sharing and targeted advertising

Browser signals: Where required by applicable law, we honor recognized opt-out preference signals such as Global Privacy Control (GPC).
Cookies: Adjust settings in our Cookie Policy and your browser or device controls. Choices are device- or browser-specific.

Cookies and similar technologies

We use cookies and similar tools for operations, security, analytics, and advertising (where enabled). Manage your choices in the Cookie Policy or browser/device settings. For Google technologies, see Google’s information on cookie and advertising identifier usage.

Security

We maintain administrative, technical, and physical safeguards to protect PI, including encryption in transit (HTTPS/TLS) and at rest. For more information, see our Security Notice.

Children and minimum age

Stablemate is intended for members 18 years of age or older. We do not knowingly collect PI from anyone under 13. If we learn that PI was collected from a child under 13, we will delete it. See the Terms of Service for eligibility requirements.

Data retention

We retain PI only as long as necessary to provide services, comply with law, resolve disputes, and protect rights. Retention periods vary depending on data category and purpose.

Third-party websites

Our Sites and Apps may link to external websites or services. Their privacy practices are governed by their own policies, not this Privacy Policy.

Changes to this Privacy Policy

We may update this policy from time to time. Material changes are marked by updating the “Last updated” date above. Continued use of the Sites and Apps after changes become effective constitutes acceptance.

Contacting us

Steady Flow, LLC d/b/a Stablemate

support@stablemate.app

For GDPR matters, see our GDPR Notice. For Subprocessors, see the Sub-Processor Report. For cookies, see the Cookie Policy.

Policies

Cookie Policy

EU-U.S. and Swiss-U.S. Data Privacy Framework Policy

General Data Protection Regulation (GDPR)

Restricted Businesses / Contractors

Sub-Processor Report

Terms of Service

Violence Prevention Policy

Human Rights

Anti-Harassment

Anti-Fraud

HIPAA Business Associate Agreement

Data Processing Agreement (DPA)

Security Notice

Intellectual Property

Transparency Report (Quarterly)

Privacy Policy