Legal documentation

Applies to our software services:

Current version

  • 1 January 2022

Previous versions


Updated: 20 December 2021

The following sub-providers may be involved in our processing of personal data as described in our privacy policy, and under the data processing agreement (DPA), along with any other customer data under the service terms, for our cloud service customers:

Provider Location Description Personal data
Microsoft Ireland Operations, Ltd. EU/EEA Data center and infrastructure for our cloud services, various internal systems and collaborative tools. Any personal data as described in the DPA (chapter 3).
Digital Ocean, Inc. 1 EU/EEA Email gateway and landing pages for simulated phishing. Recipient data for email recipients and email content (in relay).
Vonage B.V. 2 (formerly Nexmo) EU/EEA SMS gateway for one time passcodes. Mobile number for SMS recipients and SMS content.
Mnemonic AS 3 EU/EEA Managed analysis of suspicious emails. Full access to analyzed email data, as specified in customer configuration.
Visma eAccounting AS 4 EU/EEA Billing and accounting. Contact information for the customer's billing representative.


Only applies to data processed in transit, as no personal data is stored at rest by this provider.
Only applies if single sign-on (SSO) has not been enabled for administrator logins.
Only applies if the managed analysis service add-on is purchased, without any alternative analysis partner.
Only applies if services are purchased directly from Secure Practice, and not through a partner/reseller.