Sub-processors are third-party businesses engaged by a processor for performing data processing on behalf of a controller. According to the GDPR, these companies are also accountable for the protection of an individual’s personal data. Data protection obligations of sub-processors are to be established by way of contract or other legal acts under the Union or Member State law. This includes providing sufficient guarantees to implement appropriate technical and organizational measures as specified in the regulation.
Blitzz uses sub-processors (listed below), to assist in providing services as described in our Terms of Service or a similar services agreement customers may have signed with us.
Blitzz partners with organizations, that like itself adhere to global standards and regulations. Apart from evaluation for technical requirements, Blitzz ensures examination of data protection measures, compliance with Blitzz’ security requirements, and security audit reports before the closing of the contract. Initial agreements include review and approval of - provision for breach notification in the event of unwarranted data incidents, and necessary security measures for data protection.
Blitzz commits to keep this list updated regularly, to enable Controllers to stay informed of the scope of sub-processing associated with Blitzz services.
List of Sub-processors
Blitzz utilizes both infrastructure and services specific vendors to provide product and services to its Controllers (Blitzz customers) and end-users. The following is an up-to-date list of names and purpose of Freshworks sub-processors and 3rd-party vendors:
Infrastructure & Services Sub-processors:
Blitzz products and services operate on cloud platforms, listed in the table below. Blitzz holds control and access to data hosted on these services and resides in corresponding data center facilities based on the location or choice (plan) of the Controller (Blitzz’ customer). Data subsequently remains in the data center unless, shifted to ensure performance and availability of services, or specifically agreed between the Controller and Blitzz as per needs of the Controller. The following table describes the services and purpose for which these infrastructure service providers have been engaged.
(External links for additional information relating to security)
|Microsoft Corporation||Primary cloud infrastructure provider for Blitzz, where all SaaS applications are hosted. Almost all data stored, processed, and transmitted through Blitzz products and services reside on Azure Web Services data centers.|
European Economic Area
|Amazon Web Services, Inc.||Secondary cloud infrastructure provider of Blitzz, data is stored and processed in Google Cloud Platform Data Centers.|
European Economic Area
|Compliance Program; GDPR Centre; Supplementary Measures Addendum; Blog|
|Google Cloud Platform||Secondary cloud infrastructure provider of Blitzz, data is stored and processed in Google Cloud Platform Data Centers.||United States|
|Twilio**||webRTC Video & SMS provider. Twilio provides a platform for programmatically sending SMS and WhatsApp and webRTC services in the Blitzz application.||United States||Data Privacy; Data Security;|
|Twilio Sendgrid||Email Service Provider - managed mail servers are provided by SendGrid. Emails that are triggered programmatically from the applications are sent via SendGrid.||United States||Security Policy|
|Firebase Analytics||Collecting crash logs||United States||Privacy and Security|
|Stripe||For collecting credit card payments||United States||Service Agreement|
|Freshworks||Internal CRM and Ticket management solutions||United States||Terms of Service Agreement|
**Call recording is processed by Twilio and can be stored in your region of choice.
For questions or objections regarding sub-processors please write to email@example.com