Subprocessors
Introduction
Instabase, Inc. and its subsidiaries (“Instabase”) use Subprocessors in providing its Platform products and services (“Instabase Service” or “Services”).
What is a Subprocessor
A Subprocessor is a third-party data processor, utilized by Instabase while providing Services to its customers. In some cases, a Subprocessor is an Instabase subsidiary that receives or processes Customer Data. Instabase may engage one or more Subprocessors from the lists below, based on Customer location and Services provided.
Process to Engage New Subprocessors
As an Instabase customer, you may subscribe to receive notifications of new Subprocessor(s) for each applicable Instabase Service. Instabase shall provide at least 30 days (email) notice to its customers, before a new Subprocessor begins processing Customer Data. Pursuant to the applicable agreement with a customer, a customer may have the right to object to the processing of its Personal Data by a new Subprocessor. Please refer to the DPA for additional details.
You can subscribe to receive email notifications for changes to Instabase Subprocessors by emailing the following information to compliance@instabase.com:
- Customer Name
- Customer Address
- Executed copy of the Customer-Instabase Data Processing Addendum
To edit your email notification information, please re-submit a request to compliance@instabase.com, with the subject title “Change in Contact Information”.
Subprocessors
[[component_1]]
Instabase Affiliates
[[component_2]]
Entity Name
Purpose
Entity Country
Security and Compliance Validations
Amazon Web Services, Inc.
Cloud Service Provider, Cognitive Services
United States, European Union, and United Kingdom
ISO 9001, ISO 27001, ISO 27017, ISO 27018, SOC 1/ISAE 3402, SOC 2, SOC 3, FISMA, DIACAP, and FedRAMP, PCI DSS Level 1
Additional Details:
https://docs.aws.amazon.com/whitepapers/latest/aws-overview/security-and-compliance.html
Google LLC
Cloud Service Provider, Cognitive Services
United States, European Union, and United Kingdom
Cloud Computing Compliance Controls Catalog (C5) | CSA | GSMA SAS-SM | Higher Education Cloud Vendor Assessment Tool (HECVAT) | ISO 9001:2015 | ISO 22301:2019 & BS EN ISO 22301:2019 | ISO 50001:2018 | ISO/IEC 27001 | ISO/IEC 27017 | ISO/IEC 27018 | ISO/IEC 27701 | PCI 3DS Core Security Standard | PCI DSS | SOC 1 | SOC 2 | SOC 3 | VPAT (WCAG, U.S. Section 508, EN 301 549)
Additional Details:https://cloud.google.com/security/compliance
Microsoft Corporation
Cloud Service Provider, Cognitive Services
United States, European Union, and United Kingdom
ISO 20000, ISO 22301, ISO 27001, ISO 27017, ISO 27018, ISO 27701, ISO 9001, SOC 1, SOC 2 Type 2, SOC 3
Additional Details:https://learn.microsoft.com/en-us/azure/compliance/
OpenAI OpCo LLC
Cognitive Services
United States, European Union
Additional Details: https://openai.com/policies/api-data-usage-policies
Zendesk
Customer support
ticketing
United States
ISO 27001:2013, ISO 27018:2014, ISO 27701:2019, FedRAMP LI-SaaS, SOC2 Type 2
Additional Details: https://www.zendesk.com/trust-center/#anchor-compliance
SendSafely
Security data exchange
United States
Additional Details: https://www.sendsafely.com/security/
Entity Name
Entity Country
Instabase Technologies Canada, Inc
Canada
Instabase Technologies Germany GmbH
Germany
Instabase India Private Limited
India
Instabase Singapore PTE, LTD
Singapore
Instabase UK Limited
United Kingdom