Legal documentation
Applies to our software services:
- Service terms
- Data processing agreement
- Sub-processors
- Service description
Sub-processors
Updated: 1 July 2020
The following sub-providers may be involved in our processing of personal data as described in our privacy policy, and under the data processing agreement (DPA), along with any other customer data under the service terms, for our cloud service customers:
| Provider | Location | Description | Personal data |
|---|---|---|---|
| Microsoft Ireland Operations, Ltd. | EU/EEA | Data center and infrastructure for our cloud services, various internal systems and collaborative tools. | Any personal data as described in the DPA (chapter 3). |
| Digital Ocean, Inc. 1 | EU/EEA | Email gateway and landing pages for simulated phishing. | Recipient data for email recipients and email content (in relay). |
| Nexmo, Inc. 2 | USA, transfer by Standard Contractual Clauses | SMS gateway for one time passcodes. | Mobile number for SMS recipients and SMS content. |
| Mnemonic AS 3 | EU/EEA | Managed analysis of suspicious emails. | Full access to analysed email data, as specified in customer configuration. |
| Visma eAccounting AS 4 | EU/EEA | Billing and accounting. | Contact information for the customer's billing representative. |
- 1
- Only applies to data processed in transit, as no personal data is stored at rest by this provider.
- 2
- Only applies if single sign-on (SSO) has not been enabled for administrator logins.
- 3
- Only applies if the managed analysis service add-on is purchased, without any alternative analysis partner.
- 4
- Only applies if services are purchased directly from Secure Practice, and not through a partner/reseller.