Version 1.0 (22 May 2018) 

We share certain information with companies that may be considered our “sub-processors” under GDPR to provide our service.

What is a sub processor

A subprocessor is a third party data processor, who in agreement with Really Social Media has or potentially will have access to or process data (which may contain personal data). Really Social engages different types of Sub Processors to perform various functions as explained below. Really Social uses careful consideration and a reasonable selection process to look into the sub processors security, privacy and confidentiality practices.

Infrastructure

Name: Digital Ocean

Use: Cloud Service Provider

Country: UK (London data center)

Regulations: SOC 1 Type II, SOC 2 Type III, ISO/IEC 27001:2013, PCI-DSS, Privacy Shield, DPA

See more

Name: AWS (Amazon Web Services)

Use: Cloud Service Provider

Country: UK (London data center)

Regulations: GDPR Link, ISO 27001, Privacy Shield, DPA with SCC

Service

Name: Freshworks (Freshchat, FreshDesk & FreshSales)

Use: Customer Support: to communicate with our customers. Sometimes these communications includes the personal information.

Country: in EU, EUC, US and AU

Regulations: GDPR  Privacy Policy

Name: Whats App Business

Use: Customer Support: to communicate with our customers. Sometimes these communications includes the personal information.

Country: United States 

Regulations: GDPR, Privacy Shield,Privacy Policy

Name: Facebook Messenger

Use: Customer Support: to communicate with our customers. Sometimes these communications includes the personal information.

Country: United States 

Regulations: Privacy / Data Policy

Name: Google Apps For business

Use: Customer Support: to communicate with our customers. Sometimes these communications includes the personal information. Internal documents to suppose the function of the business. Email, Documents and sometimes Forms for surveys etc. 

Country: United States  

Regulations: Privacy Policy  GDPR

Name: Campaign Monitor

Use: Sending Marketing Emails 

Country: United States 

Regulations: GDPR Privacy Policy

Name: Postmark

Use: To process our transactional emails, such as our welcome email and invoices etc

Country: United States 

Regulations:  GDPR

Error Monitoring and Analytics

Name: Bugsnag

Use: Error Reporting

Country: United States 

Regulations: GDPR, Type II: SOC 1, SOC 2, SOC 3, SSAE 16 / ISAE 3402, ISO 27001, ISO 27017, ISO 27018

Name: Baremetrics

Use: Payment Analytics  

Country: United States 

Regulations: Privacy Policy    GDPR

Payment and Card information

Really Social Does not store any payment card information all processing is handled by the below sub processors according to their terms of service and privacy policies.

Name: Stripe

Use: Outsourced payment management

Country: United States 

Regulations: Privacy Policy 

Name: Moonclerk

Use: Outsourced payment management

Country: United States 

Regulations: Privacy Policy