AgileCase Sub-Processors
Our Sub-processors, your confidence.
Sub-Processors - Last Updated, 16th May 2018
To support the delivery of the AgileCase service ("AgileCase"), we may engage and use data processors with access to certain Client Data (each, a "Sub-processor"). This page provides important information about the identity, location and role of each Subprocessor.
What is a sub-processor?
A sub-processor is a third party data processor engaged by AgileCase who has or potentially will have access to or process Client Data (which may contain Personal Data). AgileCase engages different types of sub-processors for perform various functions as explained in the tables below.
Due diligence
AgileCase undertakes to use a commercially reasonable selection process by which it evaluates the security, privacy and confidentiality practices of the proposed sub-processors that will or may have access to, or process, Client Data.
Contractual safeguards
AgileCase requires its Subprocessors to satisfy equivalent obligations as those required from AgileCase (as a Data Processor) as set forth in either AgileCase’s, or the corresponding Subprocessor’s equivalent, Data Processing Addendum (“DPA”), incorporating Standard Contractual Clauses ("SCC") where appropriate, including but not limited to the requirements to:
Process to engage new sub-processors
As our business and software grows and evolves, the Sub-processors we engage may also change. We will provide users of the Service with notice of any new Sub-processors to the extent required under the Agreement by posting such updates here. AgileCase will provide notice via this policy of updates to the list of Sub-processors that are utilised or which AgileCase proposes to utilise to deliver its Service. AgileCase undertakes to keep this list updated regularly to enable users of the Service to stay informed of the scope of subprocessing associated with the Service.
AgileCase does not store payment card information. Payment processing is handled directly by the following third parties according to their respective Privacy Policies and Terms of Service.
Changes to our sub-processor list
Any changes we make to our sub-processor in the future will be posted on this page and the date of update will be shown and the planned start date of any new sub-processor. Please check this page regularly to see any updates or changes to our subprocessors.
Contact
If you have any queries in relation to the above Privacy Policy please contact AgileCase at, 22 Montrose Street, Glasgow, Scotland G1 1RE, United Kingdom or by email at privacy@agilecase.com.
To support the delivery of the AgileCase service ("AgileCase"), we may engage and use data processors with access to certain Client Data (each, a "Sub-processor"). This page provides important information about the identity, location and role of each Subprocessor.
What is a sub-processor?
A sub-processor is a third party data processor engaged by AgileCase who has or potentially will have access to or process Client Data (which may contain Personal Data). AgileCase engages different types of sub-processors for perform various functions as explained in the tables below.
Due diligence
AgileCase undertakes to use a commercially reasonable selection process by which it evaluates the security, privacy and confidentiality practices of the proposed sub-processors that will or may have access to, or process, Client Data.
Contractual safeguards
AgileCase requires its Subprocessors to satisfy equivalent obligations as those required from AgileCase (as a Data Processor) as set forth in either AgileCase’s, or the corresponding Subprocessor’s equivalent, Data Processing Addendum (“DPA”), incorporating Standard Contractual Clauses ("SCC") where appropriate, including but not limited to the requirements to:
- process Personal Data in accordance with AgileCase's instructions;
- in connection with their sub-processing activities, use only personnel who are reliable and subject to a contractually binding obligation to observe data privacy and security, to the extent applicable, pursuant to applicable data protection laws;
- implement and maintain appropriate technical and organisational measures (including measures consistent with those to which AgileCase is contractually committed to adhere insofar as they are equally relevant to the Subprocessor’s processing of Personal Data on AgileCase's behalf);
- promptly inform AgileCase about any actual or potential security breach; and
- cooperate with AgileCase in order to deal with requests from data controllers, data subjects or data protection authorities, as applicable.
Process to engage new sub-processors
As our business and software grows and evolves, the Sub-processors we engage may also change. We will provide users of the Service with notice of any new Sub-processors to the extent required under the Agreement by posting such updates here. AgileCase will provide notice via this policy of updates to the list of Sub-processors that are utilised or which AgileCase proposes to utilise to deliver its Service. AgileCase undertakes to keep this list updated regularly to enable users of the Service to stay informed of the scope of subprocessing associated with the Service.
Infrastructure Sub-Processors, Client Data Storage
AgileCase uses the following sub-processors to host Client Data and provide other infrastructure that helps with the delivery of our Service.
Payment ProcessingAgileCase uses the following sub-processors to host Client Data and provide other infrastructure that helps with the delivery of our Service.
| Entity Name | Sub-processing Activities | Country | Adequacy |
|---|---|---|---|
| Amazon Web Services Inc. | Cloud Service Provider | Ireland | GDPR Statement, ISO 27001, Privacy Shield, DPA with SCC |
| Microsoft Azure. | Cloud Service Provider | Ireland | GDPR Statement, ISO 27001, Privacy Shield |
| Google, Inc. | Cloud Service Provider | United States | GDPR Statement, ISO 27001, Privacy Shield, DPA with SCC |
| CloudFlare | Web Application Firewall | United States; United Kingdom | GDPR Statement, Privacy Shield, DPA with SCC |
| NewRelic | Application Analytics, System Health and Monitoring | United States | GDPR Statement, Tier III, SOC2 Certified, Privacy Shield (section 7), DPA with SCC |
| MailGun | Email Processing | United States | GDPR Statement, Security Statement, Privacy Shield, DPA with SCC |
| ZenDesk | Support Helpdesk | United States; Europe | GDPR Statement, ISO 27001, Privacy Shield, DPA with SCC |
| Intercom | Livechat, User Insights, Documentation | Ireland | GDPR Statement, Tier 1, SOC 2 Certified , Privacy Shield, DPA with SCC |
| MailChimp | Newsletter, System Maintenance Notifications | United States | GDPR Statement, SOC 2 Certified, Privacy Shield, GDPR compliant DPA |
| Veriphy | AML (Anti-money laundering) Checks | United Kingdom | GDPR Statement, Privacy Policy |
AgileCase does not store payment card information. Payment processing is handled directly by the following third parties according to their respective Privacy Policies and Terms of Service.
| Entity Name | Sub-processing Activities | Country | Policy |
|---|---|---|---|
| Stripe | Outsourced payment management | United States; Europe | Privacy Policy |
| GoCardless | Outsourced payment management | Europe | Privacy Policy |
Changes to our sub-processor list
Any changes we make to our sub-processor in the future will be posted on this page and the date of update will be shown and the planned start date of any new sub-processor. Please check this page regularly to see any updates or changes to our subprocessors.
Contact
If you have any queries in relation to the above Privacy Policy please contact AgileCase at, 22 Montrose Street, Glasgow, Scotland G1 1RE, United Kingdom or by email at privacy@agilecase.com.