Mandatory
The following table describes the countries and legal entities engaged in the processing and storage of personal data by Broadpeak acting as a data processor on behalf of its customers, the data controllers.
| Sub processor | Registered address | Territory of Processing | Processing activities | ex-EEA Transfers and/or ex-UK Transfers |
| Amazon Web Services | Amazon Web Services EMEA SARL Address: 38 avenue John F. Kennedy, L-1855 Luxembourg Storage in Ireland Contact person’s name, position and contact details: tel: 352 2789 0057 https://aws.amazon.com/fr/contact-us/compliance-support/ | EU – Germany (Frankfurt) | Sub-processor (non-affiliated) to perform tasks described in the Service/product offer/documentation/SOW on behalf and under instruction of Processor – Storage of encrypted logs to assist the Vendor support | No |
| Salesforce (Pardot) | Salesforce.com France S.A.S Registered in Paris with company number: 483 993 226 RCS Paris Registered office: 3 Avenue Octave Gréard 75007 Paris – France 75007 Paris France privacy@salesforce.com. Tel: 18006649073 | EU – Ireland & Germany | Sub-processor (non-affiliated) providing CRM platform to support the customer (Ticketing; support activities) | No |
| DataDog – Monitoring platform | Datadog, Inc., 620 8th Avenue, Floor 45, New York, NY 10018; or privacy@datadoghq.com. EU Contact: privacy@datadoghq.com. | EU France, Dublin and Germany (Frankfurt) for AWS Infrastructure | No | |
| Microsoft France | MICROSOFT FRANCE: 37/45, 37 QUAI DU PRESIDENT ROOSEVELT, 92130 ISSY-LES-MOULINEAUX, FRANCE SIREN: 327733184 Microsoft EU Data Protection Officer at: Microsoft Ireland Operations Limited, Attn: Data Protection Officer, One Microsoft Place, South County Business Park, Leopardstown, Dublin 18, Ireland. Telephone: +353 1 706 3117. | EU – Mainly Ireland M365 Service Geography : Exchange Online : European Union Exchange Online Protection: European Union Microsoft Teams : European Union OneDrive : France SharePoint : France | Sub-processor (non-affiliated) providing platform usd by Vendor to support the customer (Ticketing; support activities) | No |
| Internalized Consulting/Service providers – List provided on request as dependent on projects /products | On request as depending on activities | 3771 boulevard des alliés 35510 Cesson-Sevigne – France | Sub-processor : product development, maintenance, and support | No |
| Service partners | On written request | EUR | Sub-processor : providing complementary or additional service solution of features which rrocessing may include providing (i) cloud computing infrastructure, (ii) logs analysis, (iii) content delivery network (CDN) services, (iv) content transcription, translation, and captioning services, (v) customer service and support, (vi) virtual or hybrid event management services, and (vii) other optional functions that Customer chooses to enable and/or use via the Purchased Services. | Depends on the region the service is to be performed |
| Chargebee | CHARGEBEE INC. Address: 340 S Lemon Avenue, #1537, Walnut, California 91789, USA Contact person’s name, position and contact details: Privacy team, privacy@chargebee.com (https://www.chargebee.com/company/) | EU Germany (Frankfurt) | Processor (non-affiliated) : Chargebee manages recurring billing, invoicing, payments, and subscription management (including handling trials, usage-based billing, and future integrations with payment gateways/accounting tools) | Chargebee has incorporated the EU’s Standard Contractual Clauses (SCCs) for data transfers Privacy Policy – Chargebee Inc |
| LinkedIn Corporation, 2029 Stierlin Court, Mountain View, CA 94043, USA. (For EU users, the data controller is LinkedIn Ireland Unlimited Company, Wilton Plaza, Dublin 2, Ireland.) | LinkedIn’s services are primarily operated from the US, while its European subsidiary in Ireland facilitates processing for EEA/UK members. In practice, EU personal data may be accessed or stored on US servers, with LinkedIn Ireland as the local representative. | Controller (non-affiliated): LinkedIn may be utilized for functions like marketing tools (e.g. advertising campaigns or social login integrations) in relation to the use of the Broadpeak.io to platform by the customer | LinkedIn relies on EU Standard Contractual Clauses (SCCs) approved by the European Commission as a legal mechanism for EU->US data transfers. In addition, LinkedIn maintains an active certification under the EU-U.S. Data Privacy Framework (DPF) (as well as the UK and Swiss extensions), committing to uphold EU-level data protection principles for data imported to the US. These measures ensure lawful transfers and protection of EU personal data when processed in the United States. https://fr.linkedin.com/legal/privacy-policy | |
| Auth0 | Auth0, Inc. (an Okta company) – 10800 NE 8th Street, Suite 600, Bellevue, WA 98004, USA. | EU (primarily in Frankfurt, Germany with failover in Dublin, Ireland) | Processor (non-affiliated): Auth0 handles user login, authentication tokens, single sign-on, and related security processes for applications on the Broadpeak.io platform | Auth0 (and parent Okta) relies on the European Commission’s Standard Contractual Clauses in its Data Processing Addendum to cover EU-to-US data transfers. Furthermore, Auth0, LLC is certified under the EU-U.S. Data Privacy Framework (as well as the UK and Swiss DPF extensions) https://security.okta.com/ |
| Intercom | Intercom, Inc., 55 2nd Street, 4th Floor, San Francisco, CA 94105, USA. (Intercom’s group also includes Intercom R&D Unlimited Company in Ireland and Intercom Software UK Ltd in London,) | USA | Processor: Intercom is used for customer support/chat widgets, user onboarding messages, and ticketing – facilitating real-time support and marketing communications with end-users. | Intercom, Inc. is certified under the EU-U.S. Data Privacy Framework, including the UK and Swiss extensions. In addition, Intercom’s agreements incorporate the EU Standard Contractual Clauses (SCCs) (and the UK International Data Transfer Addendum) for any transfers of EU/UK customer data to the U.S. or other countries as required. https://www.intercom.com/legal/privacy |
| OTHER |
Affiliates
The following parties of the Broadpeak Group have entered an Inter Group Data Transfer & Processing Agreement that sets out the data protection requirements between the parties.
| Affiliated Sub processor | Registered address | Terriorty of Processing | Processing activities | ex-EEA Transfers and/or ex-UK Transfers |
| Broadpeak Video Systems | Broadpeak Video Systems – E 28th St 8th Floor, # 16033 New York, NY 10016 USA 20161060366 | USA ( eg. Denver ) | Sub-processor – affiliate of Broadpeak – NOC/Cockpit for platform operation monitoring, maintenance, and support | Yes – Inter Group Data Transfer & Processing Agreement |
| Broadpeak Asia Pacific Pte Ltd | Broadpeak Asia Pacific Pte Ltd – 3 CHURCH STREET #29-00 SAMSUNG HUB SINGAPORE 049483 201305715E | Singapore | Sub-processor – affiliate of Broadpeak – NOC/Cockpit for platform operation monitoring, maintenance, and support | Yes – Inter Group Data Transfer & Processing Agreement |
| Broadpeak Video Systems Canada Inc | Broadpeak Video Systems Canada Inc – 700-1980 rue Sherbrooke O, Montreal (Québec), H3H1E8- registration number : 1176300516 | Canada | Sub-processor – affiliate of Broadpeak – NOC/Cockpit for platform operation monitoring, maintenance, and support | Yes – Adequate Country as per EU Commission decision Inter Group Data Transfer & Processing Agreement Adequate Country as per EU Commission decision |
* For Optional Third-Party Services, please contact Broadpeak to obtain the sub processors that are applicable to your service.
