Sub-Processors

Details of our Sub-Processors

Before engaging with a Sub-Processor, Red Sift takes deliberate steps to conduct an assessment of risk arising from this third-party relationship. Any potential sub-processors are expected to demonstrate their security policies, processes, and procedures and prove that they are able to provide adequate protection of such data in line with our information security policy.

For more information about how we engage with Sub-Processors and details of the Personal Data we Process on behalf of our customers – please refer to our Red Sift: Data Processing Addendum. Unless stated otherwise, capitalized terms used on this page have the meanings set out in that Data Processing Addendum.

Aside from the Sub-Processors listed below, should a customer require technical support, depending on the time of day, such support may be provided by an authorized employee from any of the Red Sift global entities: Redsift Limited, Redsift Limited, Redsift Inc, Redsift Spain S.L, Redsift Germany GmbH, Redsift Australia Pty Limited, Hardenize Limited.

Entity Name	Products	Type of Entity & Sub-Processing Activities	Types of Personal Data Processed	Data Processing Region	Technical and Organizational Measures
IBM United Kingdom Limited	UK data residency option only: Redsift Pulse Platform OnDmarc BrandTrust	Data hosting and infrastructure: Cloud services provider and data storage	Any Personal Data Processed by Red Sift as part of those elements of the Services hosted by such Sub-Processor	UK & Germany	IBM Cloud Compliance ISO27701 ISO27001 SOC2 TYPE 2 DPA/ SCC's
Intercom, Inc.	Redsift Pulse Platform OnDmarc BrandTrust	Customer Support Services: web chat (Please note - this service can be disabled)	Any Personal Data that is provided to or accessed by Red Sift Personnel as part of communications, chats etc (together with associated materials, documents and artifacts) as part of the Support Services	USA	Intercom Security ISO27001 SOC2 TYPE 2 DPA/ SCC's
Microsoft Corporation	EU data residency option only: Redsift Pulse Platform OnDmarc BrandTrust	Data hosting and infrastructure: Cloud services provider and data storage	Any Personal Data Processed by Red Sift as part of those elements of the Services hosted by such Sub-Processor	Netherlands	Azure Compliance ISO27001 ISO27701 SOC2 TYPE 2 DPA/ SCC's
Microsoft Corporation	USA data residency option only: Redsift Pulse Platform OnDmarc BrandTrust	Data hosting and infrastructure: Cloud services provider and data storage	Any Personal Data Processed by Red Sift as part of those elements of the Services hosted by such Sub-Processor	USA	Azure Compliance ISO27001 ISO27701 SOC2 TYPE 2 DPA/ SCC's
Salesforce, Inc.	All	Support Services: Customer Support Services file and ticket management	Any Personal Data that is comprised in files and tickets etc submitted to Red Sift as part of the Support Services	UK	Salesforce Compliance ISO27001 SOC2 TYPE 2 DPA/ SCC's
Open AI, L.L.C	Radar	AI-powered natural language processing	Any Personal Data submitted to Radar (including as inputs and prompts to Radar)	USA	SOC2 TYPE 2 DPA/ SCC's
Incopro Limited	Brand Trust – Notice and Takedown Services	Brand protection services (including notice and takedown services)	Any Personal Data submitted as part of the Brand Trust – Notice and Takedown Services	USA	Incopro Compliance DPA/ SCC's
Google LLC	Brand Trust – Notice and Takedown Services	Brand protection services (including notice and takedown services)	Any Personal Data Processed by Red Sift as part of those elements of the Services hosted by such Sub-Processor	EU	Google Compliance ISO27001 ISO27701 SOC2 TYPE 2 DPA/ SCC's
Amazon Web Services, Inc.	Brand Trust – Notice and Takedown Services	Brand protection services (including notice and takedown services)	Any Personal Data submitted as part of the Brand Trust – Notice and Takedown Services	UK	AWS Compliance ISO27001 ISO27701 SOC2 TYPE 2 DPA/ SCC's

Where can you get information about our direct Processors?

Please note this page only lists details of the Sub-Processors that Red Sift appoints to perform Processing of Customer Personal Data which Red Sift carries out as customers’ Processor.

Accordingly, this page does not list any of Red Sift’s ‘direct’ Processors engaged to Process any Personal Data for Red Sift’s own business/customer relationship administration purposes, our own marketing, our own platform or service analytics, our own information and systems security purposes supporting the operation of the Services under the Agreement, nor our own legal, regulatory or compliance purposes.

You can find further details of the purposes for which we may use Personal Data as a Controller in our own right in our Privacy Policy.