Ironstone's processors and subprocessors
Ironstone (“Ironstone”) uses selected sub-vendors in providing our services. These sub-vendors operate as Ironstone's sub-processor, where Ironstone acts as a processor on our customer's behalf. For processing activities where Ironstone operates as a Controller, the sub-vendor operates as a processor.
Ironstone processes your personal information in strict accordance with the General Data Protection Regulation ("GDPR") and has signed Data Processor Agreements with all our sub-vendors. Ironstone will only process personal information to the extent necessary to provide our Services or for business support purposes.
Ironstone performs due diligence on the information security practices and data protection compliance of all processors and sub-processors and requires each to commit to written obligations (Data Processor Agreements) regarding their technical and organizational activities related to security controls and applicable regulations for the protection of our customer's personal data.
Processing of personal data where Ironstone operates a controller
As a controller, Ironstone process personal data for the purpose of operating our business support systems, i.e. for providing our clients with support services, storing contact information, issuing invoices, bookkeeping etc. These are personal data that we collect from our customers, and that we process for our own purposes, and which do not encompass our customers' data as stored on their tenants in the cloud.
Below is a list of all processors of personal data:
| Sub-processor |
The purpose of the Processing |
Locations (transfer mechanism where outside of the EEA) |
Cloud Hosting Location
|
DPA | Date added to this page |
|---|---|---|---|---|---|
| Microsoft Corporation |
Microsoft 365 is used for communication, collaboration, security suits, and storage. Microsoft Azure is used for hosting monitoring and alerting, automation, documentation, and analytics. |
United States |
Europe |
http://www.microsoftvolumelicensing.com/DocumentSearch.aspx?Mode=3&DocumentTypeId=46
|
23.09.2019 |
| Printix.net ApS | Print management system | Danmark | Europe | https://www.printix.net/dpa | 23.09.2019 |
| ConnectWise, LLC
|
Customer Service Software & Support Ticket System |
United States |
Europe |
https://www.connectwise.com/gdpr https://www.connectwise.com/Privacy-Policy |
23.09.2019 |
| Spanning Cloud Apps, LLC |
Microsoft 365 Backup |
United States |
Europe |
http://go.spanning.com/rs/832-UFI-346/images/Spanning%20Data%20Protection%20Addendum%20and%20Standard%20Contractual%20Clauses.pdf | 23.09.2019 |
|
Zoho corporation pvt. Ltd |
Monitoring and Alerting |
United States |
Europe |
23.09.2019 | |
|
DigiCert, Inc |
Certificates |
United States |
United States |
https://www.digicert.com/digicert-privacy-policy/ | 23.09.2019 |
|
GitHub, Inc. |
Code Management and Repository |
United States |
United States |
https://help.github.com/en/articles/github-privacy-statement | 23.09.2019 |
|
HubSpot, Inc. |
Marketing services, Web page |
United States |
United States |
https://www.hubspot.com/data-privacy/gdpr | 23.09.2019 |
|
FortNox |
Accounting software |
Sweden |
Europe |
https://www.fortnox.se/om-fortnox/integritet-och-sakerhet/gdpr/ | 23.09.2019 |
|
PowerOffice |
Accounting software |
Norway |
Europe |
https://poweroffice.no/personvernerklaering/ | 23.09.2019 |
|
Visma.Net |
Accounting software & Digital signatures |
Norway |
Europe |
https://www.visma.com/trust-centre/smb/service-information/terms-of-service/data-processing-agreement/ | 15.01.2020 |
|
Dmarcian |
Email Compliance Service |
United States |
Europe |
https://dmarcian.com/terms-of-service-europe/ | 23.09.2019 |
|
Detectify AB |
Website Vulnerability Scanner |
Sweden |
Europe |
https://detectify.com/privacy-policy |
23.09.2019 |
| Adobe Inc. | Video, design, photography service |
United States |
United States |
https://www.adobe.com/privacy/policy.html |
23.09.2019 |
| HR Bakery Ltd |
Human resource management, Recruitment management |
Ireland |
United Kingdom |
12.12.2019 | |
| CodeTwo |
Email Signatures |
Europe |
Europe |
12.12.2019 | |
| ScreenCloud Limited |
Digital signage Software |
European Economic Area |
Europe |
21.01.2020 | |
| Sinch Affiliate |
SMS gateway |
European Economic Area |
Europe |
21.01.2020 | |
| Atlassian Pty Ltd, Atlassian, Inc. |
Documentation and project management |
Europe, United States |
Europe |
26.05.2020 | |
| LogMeIn, Inc. |
Password Manager |
Europe, United States |
Europe |
https://www.logmeininc.com/legal/privacy/international |
06.04.2021 |
| Nortel AS |
Phone system |
European Economic Area |
Europe |
https://www.nortel.no/bedrift/kundeservice/personvern-og-cookies/ |
06.04.2021 |
| Telenor Norge AS |
Phone system |
European Economic Area |
Europe |
https://www.telenor.no/om/personvern/ |
06.04.2021 |
| OneTrust, LLC |
Operationalize Privacy, Security & Data Governance |
European Economic Area |
Europe |
https://www.onetrust.com/privacy/ |
06.04.2021 |
|
|
|
|
|
Please consult our Data Processor Agreement for information on the use and change of sub-processors.
Subscribe to notifications of updates to the list of processors or sub-processors
You can subscribe to receive email notifications for updates to the list of processors or sub-processors by joining our notification list. You may unsubscribe at any time by following the unregister-link in the sign-on email or when receiving an update notification.
Ironstone Affiliates
| (Company name, business no., address, contact information, contact information to the data protection officer, where applicable.) |
The purpose of the Processing |
Locations (transfer mechanism where outside of the EEA) | Date added to this page |
|---|---|---|---|
| Ironstone AB | In respect of Ironstone's Affiliates, groups of individuals located in different offices may have a need to access Customer data for service delivery purposes and/or business support purposes. | Sweden | 23.09.2019 |
| Ironstone AS | In respect of Ironstone's Affiliates, groups of individuals located in different offices may have a need to access Customer data for service delivery purposes and/or business support purposes. | Norway | 23.09.2019 |
| Ironstone Holding AS | In respect of Ironstone's Affiliates, groups of individuals located in different offices may have a need to access Customer data for service delivery purposes and/or business support purposes. | Norway | 23.09.2019 |