data processingOur Data Processors

We aim to be transparent about what we do with data, including your data.

We use the suppliers in the table below to help us deliver services to our clients. Some of them may process client personal data as a result, becoming sub-processors for our clients. We specify any of these suppliers when drawing up Contracts and Agreements and inform our clients of proposed changes to seek agreement.

All our suppliers are under contract to us and will not use, share, or retain client personal data for any purposes other than those necessary for the provision of our services.​ In some cases, data is not only encrypted 'in motion', but also 'at rest', making data incomprehensible to our suppliers and compromise an impossibility.

 

 

Country
(Processing Country)
Nature of Processing Personal Data Types Data Subject Categories Security
 
Apple Inc.
USA (USA) Cloud file storage, address book and calendar. Various including Client contact details. Clients, enquirers, suppliers etc. Encrypted (SSL) connections, passwords and two-factor authentication.
BackupMonkey UG (haftungsbeschränkt)
Germany (Germany) Backup and security testing services. Contact details, IP addresses. Clients and other data subjects supplied by Clients. Encrypted (SSL) uploads, passwords etc.
British Telecom Group plc
UK (UK) Internet service provision and telephony services. Automated information such as IP address, operating system, and type of device, timestamps, network traffic. The Supplier only. Router protected by password (not default) and firewall.
Host Lincoln t/a Jolt
UK (UK) Web hosting and related services. Contact details, IP addresses. Clients and other data subjects supplied by Clients. Website traffic is encrypted via an SSL certificate. Access passwords and other measures in place inc. two-factor authentication for administration.
HSBC plc
UK (UK) Banking services. Banking and contact details. Supplier, Clients and its suppliers as payees. Encrypted (SSL) connections, passwords and two-factor authentication.
Hush Communications Canada Inc.
Canada (Canada) Canada has been granted an adequacy decision by the EU. See Clause 17.7.13. Hushmail secure email and file transfer communications. Client contact details and any other data supplied by Clients. Clients and other data subjects supplied by Clients. Encrypted (SSL) connections. The data are separately encrypted, and the Sub-processor has no access to the decryption keys.
Microsoft Corporation
USA (UK) OneDrive Cloud file storage. As supplied by Clients. Clients. Encrypted (SSL) connections, passwords and two-factor authentication.
QuickFile Ltd
UK (UK) Accounting records. Supplier and client contact details. Supplier and Clients. Encrypted (SSL) connections, passwords and two-factor authentication.
Sectigo Inc
USA (USA) Issue of SSL certificated for websites. Client account information needed for issuing SSL certificates (usually not personal). Supplier and Clients with websites supported by the Supplier. Encrypted (SSL) connections and passwords.
Tawk.to Inc.
USA (USA) Website Cloud ‘Chat’ service. Automated information such as IP address, operating system, and type of device. Contact and other information supplied by Clients and enquirers. Website enquirers and Clients. Encrypted (SSL) connections.

 

Last updated: 01 March, 2021