Asset Bank uses a select number of sub-processors to support the delivery of our services. Each sub-processor has been assessed for their ability to provide appropriately secure services and are themselves providing relevant assurances, policies and Data Processing Agreements that we have entered into.
We are also monitoring the ongoing compliance work of our providers and adjusting our own processes to make the most of any additional privacy options available.
Our current list of sub-processors that process client data are:
|Amazon Web Services Inc||Infrastructure, file storage and processing services for our hosted products||USA, with our servers located in the EU, USA and AUS|
|Zendesk Inc||Helpdesk support platform||USA|
|Google Inc||Email and administrative support applications; automatic image recognition and tagging||USA|
|HubSpot Inc||Processing of user information for notifications and service provision||USA|
|SendSafely||Encrypted file transfer service||USA|
|Stewart Oak||File processing and data transformation services including consultancy||Israel|
|Blitline LLC||Asset Bank, Dash||Image processing (Opt-in for Asset Bank)||USA, with our data remaining in the EU|
|Auth0||Dash||Authorisation and user management||USA|
|Microsoft Azure||Dash||Cloud services, including geolocation services||USA|
|DabApps Ltd||Brand Hub||Application maintenance||UK|
|Intercom||Dash||Helpdesk support platform||USA|
These lists will be kept up to date with any changes to our sub-processors. You can sign up to receive email notifications about proposed changes by e-mailing firstname.lastname@example.org.
International Data Transfer
For customers using our Shared or Dedicated hosting services, the data in Asset Bank is hosted by Amazon Web Services (AWS). Customers are able to select the region that their Asset Bank will be hosted in, with the choice between the EU, USA or AUS data centres. This allows EU customers to ensure the hosting of their Asset Bank data resides in the EU. The default EU server location is the Republic of Ireland.
Additionally, the GDPR gives multiple ways for personal data to be transferred outside of the EU. This is relevant for the processing of personal data that may occur, upon request of our customers, for support and consultancy purposes.
All of our sub-processing contracts include the European Commission-approved Standard Contractual Clauses in order to ensure the controlled transfer of data outside of the EU, as well as other assurances such as E.U. - U.S. Privacy Shield certification. Additionally, all of our providers make strong commitments related to the restriction of access to the data that is stored with them.