Last modified: January 29th 2021

Subprocessors

To support delivery of our Services, Appfarm AS may engage and use data processors with access to certain Customer Data (each, a "Subprocessor"). This page provides important information about the identity, location and role of each Subprocessor. Terms used on this page but not defined have the meaning set forth in the Software Service Agreement or superseding written agreement between Customer and Appfarm.

Third-Party Sub-Processors for the Appfarm Platform (the “Service”) processing Customer Personal Data

Appfarm and its affiliates engage the following third-party entities to assist in connection with the Service as specified below:

Entity NameService Location (area where processing is performed)Registered addressCountry of registrationServiceTask performedGDPR ComplianceSchrems II
Google Ireland LimitedBelgiumGordon House, Barrow Street, Dublin 4IrelandGoogle Cloud PlatformCloud infrastructure for servers and databasesLinkLink
MongoDB LimitedBelgium3 Shelbourne Building, 3rd Floor, Crampton Avenue, Ballsbridge, Dublin 4IrelandMongoDB CloudDatabase servicesLinkLink
OnlineCity ApSEU/EEABuchwaldsgade 50, 5000 Odense CDenmarkGateway APISMS ServicesLinkLink
Mailgun Technologies, Inc.EU/EEA548 Market Street, Suite 43099, San Francisco, CA 94101USAE-mailE-mail servicesLinkLink
Freshworks, Inc.EU/EEA1250 Bayhill Drive, Suite 315, San Bruno, CA 94066USAFreshdeskSupport ticketing systemLinkLink

Third-Party Sub-Processors for the Appfarm Platform (the “Service”) not processing Customer Personal Data

Appfarm and its affiliates engage the following third-party entities to assist in connection with the Service as specified below. These Third-Party Sub-Processes are processing Customer Data, but not any Customer Personal Data which can be utilized to identify a person. Rather, these Third-Party Sub-Processors represent service providers related to the technical operations of the Appfarm Platform processing certain Non-Personal Data. Hence, disclosure of these Third-Party Sub-Processors are for reasons of transparency to Customers and Partners.

Entity NameService Location (area where processing is performed)Registered addressCountry of registrationServiceTask performedType of Data ProcessedGDPR ComplianceSchrems II
Functional Software, Inc.USA132 Hawthorne Street, San Francisco, CA 94107USASentryAutomated error reporting for platform usersIP address, URL of Appfarm solution, browser information (User Agent string), internal Appfarm identificator and crash logs.LinkLink
Report-URI Ltd.USA22 Shireburn Avenue, Clitheroe, Lancashire, United Kingdom, BB7 2PNEngland and WalesReport URIAutomated Content Security Policy anomaly reporting for platform users (Platform Security)IP address, URL of Appfarm solution, Browser information (User Agent string)Link

Third-Party Sub-Processors of associated Appfarm services not connected to the Appfarm Platform (the “Service”)

Appfarm and its affiliates engage the following third-party entities to assist in delivering services to Appfarm Customers, but not connected to the Appfarm Platform. These Third-Party Sub-Processes are used for communication and project management purposes with Customer administrator users. Hence, disclosure of these Third-Party Processors are for reasons of transparency to Customers and Partners.

Entity NameService Location (area where processing is performed)Registered addressCountry of registrationServiceTask performedGDPR ComplianceSchrems II
Slack Technologies, Inc.USA500 Howard Street, San Francisco, California 94105USASlackInstant messaging servicesLinkLink
Trello, Inc. (subsidiary of Atlassian Corporation Plc)USA55 Broadway, New York, NY 10006USATrelloProject management and customer communicationLinkLink

Appfarm may also use other third party service providers to process personal data from individuals, interacting with Appfarm outside the use of the Service, if it is necessary to provide you with a contractual service (GDPR art. 6.1 b), if we are required by law, court orders or legal processes to disclose your personal data (GDPR art. 6.1 c), or it can be justified on the basis of our legitimate interest in doing so (GDPR art. 6.1 f). Examples of this would be cloud-based e-mail, accounting and CRM systems. Please see Appfarm’s privacy policy for more information.

Updates

As our business grows and evolves, the Sub-processors we engage may also change. We will endeavor to provide the owner of Customer’s account with notice of any new Sub-processors to the extent required under the Agreement, along with posting such updates here. Please check back frequently for updates.

29/1/21: International Data Transfers

Although, in the light of European Court of Justice decision C-311/18 (Schrems-II) in which Privacy Shield as grounds for data transfers to third countries was invalidated, Appfarm is still ensuring that its Third-Party Sub-Processors are compliant with the GDPR framework, either by implementing Standard Contractual Clauses ensuring the same level of protection for its users or similar grounds accepted by the EDPB. This includes, but is not limited to, already existing service providers, but also service providers in the future.