Sub-processors
Effective starting: 15 November, 2021
Program owner and administrator specific sub-processors
Sub-processor services we use to engage and support your organisation. Entrants/applicants, nominators and judges/reviewers do not make use of these services.
| Sub-processor | Website | Business location | Data processing location(s) | Description of services provided |
|---|---|---|---|---|
| Chameleon | http://trychameleon.com | United States | United States | In-app product tours. Processes email addresses. Uses Standard Contractual Clauses. Technical security measures: https://www.trychameleon.com/security |
| Deepnote | https://deepnote.com | California, United States | United States | Data pipeline management. May process personal data. Uses Standard Contractual Clauses. Technical security measures: https://deepnote.com/security |
| Elevio | https://elev.io | Collingwood, Victoria, Australia | United States | In-app support panel. Processes email addresses. Uses Standard Contractual Clauses. |
| Hubspot | https://www.hubspot.com | Ireland | United States | Software products for inbound marketing, sales, and customer service. Processes personal data. Uses Standard Contractual Clauses. Technical security measures: https://www.hubspot.com/security |
| Intercom | https://www.intercom.com | San Francisco, California, US | United States (Virginia) | Chat and support management within our software product. Processes personal data. Uses Standard Contractual Clauses. Technical security measures: https://www.intercom.com/security |
| Klaus | https://klausapp.com | Estonia | Germany (Frankfurt) | Support team conversation review and QA platform. Processes personal data. Data is not processed outside of the EU. Technical security measures: https://www.klausapp.com/security |
| Zendesk | https://www.zendesk.com | San Francisco, California, US | Australia (Sydney) | Client support management. Processes personal data. Uses Standard Contractual Clauses. Technical security measures: https://www.zendesk.com/product/zendesk-security |
All user sub-processors
Sub-processor services we use to engage and support your organisation, your program and your participants. All roles including program owners, administrators, entrants, applicants, nominators, judges and reviewers make use of these services.
| Subprocessor | Website | Business location | Data processing location(s) | Description of services provided |
|---|---|---|---|---|
| Amazon Web Services | https://aws.amazon.com | Seattle, Washington, US | Australia (Sydney) Europe (Ireland and Germany) United States (California) | Cloud hosting infrastructure for whole AF application stack. Processes personal data. Uses Standard Contractual Clauses. Technical security measures:
|
| Imgix | https://www.imgix.com | San Francisco, California, US | United States (rendering) Various edge nodes (caching) | Image processing service. May process personal data captured in uploaded images and PDFs. Uses Standard Contractual Clauses. |
| MailGun | https://www.mailgun.com | San Francisco, California, US | Germany (Frankfurt) | Email sending service. Processes personal data used in the delivery and communication of email messages. Uses Standard Contractual Clauses. |
| New Relic | https://newrelic.com | San Francisco, California, US | United States | Application monitoring. May process personal data. Uses Standard Contractual Clauses. Technical security measures: https://drive.google.com/file/d/1pMixjKW1G-AuR8hcNwD8YsbOKlQbPq2F/view |
| Pusher | https://pusher.com | London, United Kingdom | United States (North Virginia) | Push service. Background processes use Pusher to send notifications on progress and file scanning. May process IP addresses and cookies. Uses Standard Contractual Clauses. Is GDPR and HIPAA compliant. |
| Stitch | https://www.stitchdata.com | United States | United States | ETL data pipeline. Processes personal data. Uses Standard Contractual Clauses. Technical security measures: https://www.stitchdata.com/platform/security |
| URL2PNG | https://www.url2png.com | East Derry, New Hampshire, US | United States | Capture screenshots from URLs. May process personal data visible on publicly accessible websites. Uses Standard Contractual Clauses. |
| Vonage | https://www.vonage.com | San Francisco, California, US | Singapore | SMS sending service. May process personal data used in the delivery of SMS messages. Uses Standard Contractual Clauses. Technical security measures:
|