Legal documentation

Applies to our software services:


Updated: 1 October 2022

The following sub-providers may be involved in our processing of personal data as described in our privacy policy, and under the data processing agreement (DPA), along with any other customer data under the service terms, for our cloud service customers:

Provider Location Description Personal data
Microsoft Ireland Operations, Ltd. EU/EEA Data center and infrastructure for our cloud services, various internal systems and collaborative tools. Any personal data as described in the DPA (chapter 3).
Digital Ocean, Inc. 1 EU/EEA Email gateway and landing pages for simulated phishing. Recipient data for email recipients and email content (in relay).
Vonage B.V. 2 EU/EEA SMS gateway for one time passcodes. Mobile number for SMS recipients and SMS content.
Mnemonic AS 3 EU/EEA Managed analysis of suspicious emails. Full access to analyzed email data, as specified in customer configuration.


Only applies to data processed in transit, as no personal data is stored at rest by this provider.
Only applies if single sign-on (SSO) has not been enabled for administrator logins.
Only applies if MailRisk MANAGED add-on is purchased, without a preferred analysis partner.