Ironstone's processors and subprocessors
Last updated January 15th, 2020
Ironstone (“Ironstone”) uses selected sub-vendors in providing our services. These sub-vendors operate as Ironstone's sub-processor where Ironstone acts as a processor on our customer's behalf. For processing activities where Ironstone operates as a Controller the sub-vendor operates as a processor.
Ironstone processes your personal information in strict accordance the General Data Protection Regulation ("GDPR"), and has signed Data Processor Agreements with all our sub-vendors. Ironstone will only process personal information to the extent necessary to provide our Services or for business support purposes.
Ironstone performs due diligence on the information security practices and data protection compliance of all processors and sub-processors and requires each to commit to written obligations (Data Processor Agreements) regarding their technical and organisational activities related to security controls and applicable regulations for the protection of our customer's personal data.
Processing of personal data where Ironstone operates a controller
As a controller, Ironstone process personal data for the purpose of operating our business support systems, i.e. for providing our clients with support services, storing contact information, issuing invoices, bookkeeping etc. These are personal data that we collect from our customers, and that we process for our own purposes, and which do not encompass our customers data as stored on their tenants in the cloud.
Below is a list of all processors of personal data:
| Sub-processor |
The purpose of the Processing |
Locations (transfer mechanism where outside of the EEA) | DPA | Date added to this page |
|---|---|---|---|---|
| Microsoft Corporation |
Microsoft 365 used for communication, collaboration, security suits and storage. Microsoft Azure used for hosting monitoring and alerting, automation, documentation, and analytics. |
United States |
http://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=46
|
23.09.2019 |
| Printix.net ApS | Print management system | Danmark | https://www.printix.net/dpa | 23.09.2019 |
|
ITG Software Inc |
Customer documentation system |
Canada |
https://itglue.com/privacy-policy/ |
23.09.2019 |
| ConnectWise, LLC
|
Customer Service Software & Support Ticket System |
United States |
https://www.connectwise.com/gdpr https://www.connectwise.com/Privacy-Policy |
23.09.2019 |
| Spanning Cloud Apps, LLC |
Microsoft 365 Backup |
United States |
http://go.spanning.com/rs/832-UFI-346/images/Spanning%20Data%20Protection%20Addendum%20and%20Standard%20Contractual%20Clauses.pdf | 23.09.2019 |
|
zoho corporation pvt. Ltd |
Monitoring and Alerting |
United States |
23.09.2019 | |
|
DigiCert, Inc |
Certificates |
United States |
https://www.digicert.com/digicert-privacy-policy/ | 23.09.2019 |
|
GitHub, Inc. |
Code Management and Repository |
United States |
https://help.github.com/en/articles/github-privacy-statement | 23.09.2019 |
|
HubSpot, Inc. |
Marketing services, Web page |
United States |
https://www.hubspot.com/data-privacy/gdpr | 23.09.2019 |
|
DocuSign |
Electronic Signature |
United States (Binding Corporate Rules)
|
https://www.docusign.com/trust/legal/data-protection-trust-guide/privacy | 23.09.2019 |
|
FortNox |
Accounting software |
Sweden |
https://www.fortnox.se/om-fortnox/integritet-och-sakerhet/gdpr/ | 23.09.2019 |
|
PowerOffice |
Accounting software |
Norway |
https://poweroffice.no/personvernerklaering/ | 23.09.2019 |
|
Visma.Net |
Accounting software |
Norway |
https://www.visma.com/trust-centre/smb/service-information/terms-of-service/data-processing-agreement/ | 15/1/2020 |
|
Dmarcian |
Email Compliance Service |
United States |
https://dmarcian.com/terms-of-service-europe/ | 23.09.2019 |
|
Detectify AB |
Website Vulnerability Scanner |
Sweden |
https://detectify.com/privacy-policy |
23.09.2019 |
| Adobe Inc. | Video, design, photography service |
United States |
https://www.adobe.com/privacy/policy.html |
23.09.2019 |
| Cloudmore | Ironstone Marketplace |
Sweden |
https://web.cloudmore.com/legal/privacy-policy |
23.09.2019 |
|
New Day At |
Customer Portal |
Netherlands |
https://workspace365.net/wp-content/uploads/2019/06/Workspace-365-Processing-Agreement-June-2019.pdf
|
23.09.2019 |
| HR Bakery Ltd |
Hruman resource management, Recuritment management |
Ireland |
12.12.2019 |
Please consult our Data Processor Agreement for information on use and change of sub-processors..
Subscribe to notifications of updates to the list of processors or sub-processors
You can subscribe to receive email notifications for updates to list of processors or sub-processors by joining our notification list. You may unsubscribe at any time by following the unregister-link in the sign-on email, or when receiving an update notification.
Ironstone Affiliates
| (Company name, business no., address, contact information, contact information to the data protection office, where applicable.) |
The purpose of the Processing |
Locations (transfer mechanism where outside of the EEA) | Date added to this page |
|---|---|---|---|
| Ironstone AB | In respect of Ironstone's Affiliates, groups of individuals located in different offices may have a need to access Customer data for service delivery purposes and/or business support purposes. | Sweden | 23.09.2019 |
| Ironstone AS | In respect of Ironstone's Affiliates, groups of individuals located in different offices may have a need to access Customer data for service delivery purposes and/or business support purposes. | Norway | 23.09.2019 |
| Ironstone Holding AS | In respect of Ironstone's Affiliates, groups of individuals located in different offices may have a need to access Customer data for service delivery purposes and/or business support purposes. | Norway | 23.09.2019 |