Updated January 9th, 2022
Each of our Vendors / Sub-Processors will have an executed DPA to ensure compliance under the EU GDPR requirements. Here is an overview of the sub-data processors we use and where data is processed:
What is a sub-data processor?
Sub-data processors are third-party entities that are engaged by a data processor to process personal data on behalf of a data controller. In other words, sub-data processors are contractors or service providers of a data processor who assist in the processing of personal data.
Sub-data processors are typically engaged by data processors to carry out specific tasks or functions that are necessary for the provision of a service to a data controller. For example, a cloud computing provider may engage a sub-data processor to provide data storage services, or a payment processor may engage a sub-data processor to provide fraud detection services.
It is important to note that the data processor remains responsible for the processing of personal data by its sub-data processors, and must ensure that the sub-data processors comply with the same data protection obligations as the data processor. This responsibility is usually addressed through contractual arrangements between the data processor and the sub-data processor.