Effective Date: December 28, 2020
Sub-processors are third-party businesses engaged by a processor for performing data processing on behalf of a controller. According to the GDPR, these companies are also accountable for protection of an individual’s personal data. Data protection obligations of sub-processors are to be established by way of contract or other legal acts under the Union or Member State law. This includes providing sufficient guarantees to implement appropriate technical and organizational measures as specified in the regulation.
DOTGO partners with organizations that, like itself, adhere to global standards and regulations. Apart from evaluation for technical requirements, DOTGO ensures examination of data protection measures, compliance with DOTGO security requirements, and security audit reports before close of contract. Initial agreements include review and approval of - provision for breach notification in the event of unwarranted data incidents, and necessary security measures for data protection.
List of Sub-processors
DOTGO utilizes both infrastructure and services specific vendors to provide product and services to it’s Controllers (DOTGO customers) and end-users. The following is an up-to-date list (as of the Effective Date listed in the header) of names and purpose of DOTGO sub-processors and 3rd-party vendors:
Infrastructure & Services Sub-processors:
DOTGO products and services operate on cloud platforms, listed in the table below. DOTGO holds control and access to data hosted on these services, which resides in corresponding data center facilities. Data remains in the data center facilities of the subprocessors, unless subsequently shifted to ensure performance and availability of services, or specifically agreed between the Controller and DOTGO as per needs of the Controller (DOTGO customers). The following table describes the services and purpose for which these infrastructure service providers have been engaged.
To be able to provide specific functionality within its products and services, DOTGO partners with third-party services. These entities are sub-processors with access to service data (limited to purpose and use of indicated services) and are listed in the table below: