Third Party Policy

Sub-Processors, Subsidiaries & Support

laptop-01

We may use sub-processors, subsidiaries and support service providers to provide our Service. Listed below are such entities with whom we may share customer data.

 

Infrastructure sub-processors

We use the third parties listed below to host our customer data and to provide specific functionalities within the Service.

Sub-processor Purpose Data type Personal Data Service region
Amazon Web Services Inc Cloud computing provider
  • Contact details e.g. name, email
  • Documents uploaded e.g. videos, word processing etc.
  • Usage reporting
 Yes European Union (EU)
Cloudinary Uploading service for images including manipulation (e.g. cropping) and storage
  • Images e.g. profile
 Yes European Union (EU)
Cloudflare DNS Management, Web application firewall and Edge Caching
  • IP Addresses, javascript asset caching, DNS records and WAF and infrastructure configuration
 Yes United States of America (US**
Rustici  E-Learning package service
  • E-Learning package data
 Yes European Union (EU)
New Relic Application performance and error monitoring
  • Application performance data and error messages
 No European Union (EU)
Rollbar Error monitoring
  • System Error messages
  • IP Addresses
  • In some cases, error messages might capture personal data such as email address or full name
 Yes United States of America (USA)**
Mailgun Email delivery
  • Email address and email body
 Yes European Union (EU)
Good Data BI Analytics Tool
  • All customer data, providing the BI Reporting bolt-on has been purchased and enabled or you have Advanced Analytics included in your package
 Yes European Union (EU)
AssemblyAI AI-powered audio and video transcription services
  • When customers enable our AI audio and video transcription features, we send media files to AssemblyAI to generate accurate text transcriptions of spoken content.
 Yes European Union (EU)
OpenAI Advanced AI-powered search and reasoning capabilities
  • When customers enable our AI advanced search and Agents features, we use OpenAI's large language models to analyse customer data, provide intelligent search results, and perform automated reasoning tasks.
 Yes European Union (EU)
Anthropic Advanced AI-powered search and reasoning capabilities
  • When customers enable our AI advanced search and Agents features, we use Anthropic's large language models to analyse customer data, provide intelligent search results, and perform automated reasoning tasks.
 Yes European Union (EU)
Google Advanced AI-powered search and reasoning capabilities
  • When customers enable our AI advanced search and Agents features, we use Google's large language models to analyse customer data, provide intelligent search results, and perform automated reasoning tasks.
 Yes European Union (EU)

 

Other sub-processors

We use the third parties listed below to provide specific functionalities within the Service.

Sub-processor Purpose Data type Personal Data Service region
Atlassian

Service to track & manage tickets, Knowledge base
  • Contact details e.g. name, work-email
  • Tickets e.g. details of support requests
 Yes European Union (EU)
Pendo Product analytics platform
  • Contact details e.g. name, work-email
  • User usage data
 Yes European Union (EU)
Totango Active User Statistics
  • User full name, user status (confirmed/deactivated), user role and time stamped activity
 Yes European Union (EU)

Hubspot, Inc

 Customer Relationship Management (CRM) 
  • Key contacts for Prospect's and Customer's (Full name, job role, and work-email) managed by Sales and Customer Success. No user data from platform is processed here. 
 Yes United States of America (USA)**

Microsoft

 Email, File Storage, Word Processing and other office tools
  • Key contacts for Prospect's and Customer's (Full name, job role, and work-email)
  • Emails regarding support tickets raised by users (full name, email address)
 Yes European Union (EU)

Monday.com Inc

 Project Management Tool
  • Product feedback submissions, internal and customer facing project management (Full name, job role and work-email). No user data from platform is processed here. 
 Yes United States of America (USA)**

Slack Technologies, LLC

 Internal communications tool 
  • Communications between Learn Amp employees. Employees may discuss support tickets which include user data. Some user data which may be processed include full name and email address. 
 Yes United States of America (USA)**

Google LLC

 Analytics and marketing 
  • Marketing and analytics data, user tracking, IP address and geolocation. Users can opt-out from web analytics changing cookie settings. 
 Yes United States of America (USA)**

 

Sub-contractors

We use the third parties listed below to provide contracted resource

Sub-processor Purpose Data type Personal Data Service region
Exlabs

Development partner supporting product development
  • No access to data from outside our EU networks, as per GDPR guidelines.  
 Yes European Union (EU)
NVOY Technologies IT Managed Service Provider
  • Management of Learn Amp company IT. Access to administer company files, email and company devices. 
  • Management of VPN and network firewall: Our firewall is designed to monitor network traffic meticulously and scan for malicious content, ensuring the security of all customer data.
 Yes United Kingdom of Great Britain and Northern Ireland (GB)
Monneypenny Call answering service
  • Answers our phone systems
 Yes United Kingdom of Great Britain and Northern Ireland (GB)
Defense.com 24/7 SIEM Monitoring
  • Security logs from AWS and infrastructure services, API, VPN and active directory. IP addresses are included in these logs.
 Yes European Union (EU)
Offshore Team Development partner supporting product development
  • Handling Technical Support queries where analysis of customer data is necessary in solving issues. 
  • Handling performance issues where analysis of customer data is necessary in solving issues.
  • Analysis of feature usage as instructed by the Exporter, where understanding usage is being used to improve understanding and quality of feature development. 
 Yes Philippines (PHL)

 

Content Delivery Networks (CDN)

We may use the CDN listed below for security purposes, and to optimize content delivery. CDNs are commonly used systems of distributed services that deliver content based on the geographic location of the user accessing the content and the origin of the content provider.

CDN
Cloudfront
Cloudflare

 

** With the recent extension of the EU-US Data Privacy Framework to include the United Kingdom, Learn Amp is committed to ensuring the highest standards of data privacy and security. This extension provides a robust mechanism for the lawful transfer of personal data from the EU and the UK to the United States.

Under this framework, Learn Amp adheres to stringent data protection principles, ensuring that any data transferred is subject to adequate safeguards and consistent with EU and UK data protection laws. Our commitment extends to working with third-party processors who are also compliant with these regulations.

We remain dedicated to transparency in our data processing activities and upholding the rights of our users under these enhanced data protection standards.

Try Learn Amp yourself

Take the first step to a new learning system your employees will love.

Homepage-1