Asset Bank uses a select number of sub-processors to support the delivery of our services. Each sub-processor has been assessed for their ability to provide appropriately secure services and are themselves providing relevant assurances, policies and Data Processing Agreements that we have entered into.
We are also monitoring the ongoing compliance work of our providers and adjusting our own processes to make the most of any additional privacy options available.
Our current list of sub-processors that process client data are:
|Amazon Web Services Inc||Infrastructure, file storage and processing services for our hosted products||USA, with our servers located in the EU, US, Canada, Bahrain, Hong Kong and Australia|
|Zendesk Inc||Helpdesk support platform||USA|
|Google Inc||Email and administrative support applications; automatic image recognition and tagging||USA|
|SendSafely||Encrypted file transfer service||USA|
|Freelance consultant||Professional services||Israel|
|Heroku Inc||Infrastructure, file storage and processing services for our hosted products||USA|
|Blitline LLC||Image processing||USA, with our data remaining in the EU|
These lists will be kept up to date with any changes to our sub-processors. You can sign up to receive email notifications about proposed changes by e-mailing firstname.lastname@example.org.
International Data Transfer
For customers using our Shared or Dedicated hosting services, the data in Asset Bank is hosted by Amazon Web Services (AWS). Customers are able to select the region that their Asset Bank will be hosted in, with the choice between the EU, US, Canada, Bahrain, Hong Kong and Australia data centres. This allows EU customers to ensure the hosting and backups of their Asset Bank database resides in the EU. The default EU server location is the Republic of Ireland.
Additionally, the GDPR gives multiple ways for personal data to be transferred outside of the UK and the EU. All of our sub-processing contracts include the European Commission-approved Standard Contractual Clauses in order to ensure the controlled transfer of data outside of the EU. Additionally, all of our providers make strong commitments related to the restriction of access to the data that is stored with them.