Hopp til innholdet
DOCUMENTATION

Ironstone's processors and subprocessors

Last Updated: Oct, 2023

 

Ironstone (“Ironstone”) uses selected sub-vendors in providing our services. These sub-vendors operate as Ironstone's sub-processor, where Ironstone acts as a processor on our customer's behalf. For processing activities where Ironstone operates as a Controller, the sub-vendor operates as a processor. 

Ironstone processes your personal information in strict accordance with the General Data Protection Regulation ("GDPR") and has signed Data Processor Agreements with all our sub-vendors. Ironstone will only process personal information to the extent necessary to provide our Services or for business support purposes.

Ironstone performs due diligence on the information security practices and data protection compliance of all processors and sub-processors and requires each to commit to written obligations (Data Processor Agreements) regarding their technical and organizational activities related to security controls and applicable regulations for the protection of our customer's personal data.

 

Processing of personal data where Ironstone operates a controller

As a controller, Ironstone process personal data for the purpose of operating our business support systems, i.e. for providing our clients with support services, storing contact information, issuing invoices, bookkeeping etc. These are personal data that we collect from our customers, and that we process for our own purposes, and which do not encompass our customers' data as stored on their tenants in the cloud.

Below is a list of all processors of personal data:

Sub-processor 

The purpose of the Processing

Locations (transfer mechanism where outside of the EEA)
Cloud Hosting Location
DPA Date added to this page
Microsoft Corporation

Microsoft 365 is used for communication, collaboration, security suits, and storage.

Microsoft Azure is used for hosting monitoring and alerting, automation, documentation, and analytics.

United States
(standard contractual clauses)

 Europe

http://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=46 

 

23.09.2019
Printix.net ApS Print management system Danmark Europe https://www.printix.net/dpa  23.09.2019
ConnectWise, LLC

 

Customer Service Software & Support Ticket System

United States
(standard contractual clauses)

Europe

https://www.connectwise.com/gdpr  
https://www.connectwise.com/Privacy-Policy 
23.09.2019
Spanning Cloud Apps, LLC
Microsoft 365 Backup

United States
(standard contractual clauses)

Europe

http://go.spanning.com/rs/832-UFI-346/images/Spanning%20Data%20Protection%20Addendum%20and%20Standard%20Contractual%20Clauses.pdf    23.09.2019

Zoho corporation pvt. Ltd

Monitoring and Alerting, Patch management

United States
(standard contractual clauses)

Europe

https://www.zoho.com/gdpr.html

https://www.zoho.com/privacy.html

23.09.2019

GitHub, Inc.

Code Management and Repository

United States
(standard contractual clauses)

 United States

https://help.github.com/en/articles/github-privacy-statement 23.09.2019

HubSpot, Inc.

Marketing services, Web page

United States
(standard contractual clauses)

 United States

https://www.hubspot.com/data-privacy/gdpr  23.09.2019

FortNox

Accounting software

Sweden

Europe

https://www.fortnox.se/om-fortnox/integritet-och-sakerhet/gdpr/ 23.09.2019

PowerOffice

Accounting software

Norway

Europe

https://poweroffice.no/personvernerklaering/ 23.09.2019

Visma.Net

Accounting software & Digital signatures

Norway, Sweden

Europe

https://www.visma.com/trust-centre/smb/service-information/terms-of-service/data-processing-agreement/ 15.01.2020

Dmarcian

Email Compliance Service

United States
(standard contractual clauses)

 Europe

https://dmarcian.com/terms-of-service-europe/ 23.09.2019

Detectify AB

Website Vulnerability Scanner

Sweden

Europe

https://detectify.com/privacy-policy

23.09.2019

Adobe Inc. Video, design, photography service

United States
(standard contractual clauses)

 United States

https://www.adobe.com/privacy/policy.html

23.09.2019

AvePoint Inc

Microsoft 365 Backup

United States

Europe

https://www.avepoint.com/company/our-commitment-to-gdpr

May 2023
CodeTwo

Email Signatures

Europe

Europe

https://www.codetwo.com/compliance/gdpr

12.12.2019
ScreenCloud Limited

Digital signage Software

European Economic Area

Europe

https://screen.cloud/privacy

21.01.2020
Sinch Affiliate

SMS gateway

European Economic Area

Europe

https://www.sinch.com/data-protection-agreement/

21.01.2020
Atlassian Pty Ltd, Atlassian, Inc. 

Documentation and project management

Europe, United States
(standard contractual clauses)

Europe

https://www.atlassian.com/legal/privacy-policy

26.05.2020
LogMeIn, Inc.

Password Manager

Europe, United States
(standard contractual clauses

Europe

https://www.logmeininc.com/legal/privacy/international

06.04.2021
Nortel AS

Phone system

European Economic Area

Europe

https://www.nortel.no/bedrift/kundeservice/personvern-og-cookies/

06.04.2021
Telenor Norge AS

Phone system

European Economic Area

Europe

https://www.telenor.no/om/personvern/

06.04.2021
OneTrust, LLC

Operationalize Privacy, Security & Data Governance

European Economic Area

Europe

https://www.onetrust.com/privacy/

06.04.2021
Twilio

SMS gateway, Phone number routing

Europe, United States
(standard contractual clauses)

Europe

https://www.twilio.com/legal/privacy

01.05.2022
Spektra Systems

Microsoft CSP billing

Europe, United States
(standard contractual clauses)

Europe

https://spektrasystems.com/privacy-policy/

01.05.2022
TeamViewer Germany GmbH

 Remote control

Europe, United States
(standard contractual clauses)

Europe

https://www.teamviewer.com/en/trust-center/

01.05.2022
Freshworks Inc.

 Customer contact center, chat & bot, service desk and assets management

Europe, United States
(standard contractual clauses)

Europe

https://www.freshworks.com/privacy/

01.05.2022
Memory AS

Time entry management 

Europe

Europe

https://timelyapp.com/privacy-policy

01.05.2022
PagerDuty, Inc

 Digital Operations Management

Europe, United States
(standard contractual clauses)

Europe

https://www.pagerduty.com/privacy-policy/

01.05.2022
Keeper Security Inc

Store passwords safely

USA

Europe

Trust center
https://www.keepersecurity.com/GDPR.html

May 2023
URIports

Email Compliance Service

Netherlands

Europe

https://www.uriports.com/privacy

Oct 2023

Please consult our Data Processor Agreement for information on the use and change of sub-processors.

 

Subscribe to notifications of updates to the list of processors or sub-processors

You can subscribe to receive email notifications for updates to the list of processors or sub-processors by joining our notification list. You may unsubscribe at any time by following the unregister-link in the sign-on email or when receiving an update notification.

 

Ironstone Affiliates

(Company name, business no.,  address, contact information, contact information to the data protection officer, where applicable.)

The purpose of the Processing

Locations (transfer mechanism where outside of the EEA) Date added to this page
Ironstone AB In respect of Ironstone's Affiliates, groups of individuals located in different offices may have a need to access Customer data for service delivery purposes and/or business support purposes.   Sweden 23.09.2019
Ironstone AS In respect of Ironstone's Affiliates, groups of individuals located in different offices may have a need to access Customer data for service delivery purposes and/or business support purposes.   Norway 23.09.2019
Ironstone Holding AS In respect of Ironstone's Affiliates, groups of individuals located in different offices may have a need to access Customer data for service delivery purposes and/or business support purposes.   Norway 23.09.2019