Third Party Policy

Sub-Processors, Subsidiaries & Support

laptop-01

We may use sub-processors, subsidiaries and support service providers to provide our Service. Listed below are such entities with whom we may share customer data.

 

Infrastructure sub-processors

We use the third parties listed below to host our customer data and to provide specific functionalities within the Service.

Sub-processor Purpose Data type Personal Data Service region
Amazon Web Services Inc Cloud computing provider
  • Contact details e.g. name, email
  • Documents uploaded e.g. videos, word processing etc.
  • Usage reporting
Yes EU
Cloudinary Uploading service for images including manipulation (e.g. cropping) and storage
  • Images e.g. profile
Yes EU
Cloudflare DNS Management, Web application firewall and Edge Caching
  • IP Addresses, javascript asset caching, DNS records and WAF and infrastructure configuration
Yes US**
Rustici  E-Learning package service
  • E-Learning package data
Yes EU
New Relic Application performance and error monitoring
  • Application performance data and error messages
No EU
Rollbar Error monitoring
  • System Error messages
  • IP Addresses
  • In some cases, error messages might capture personal data such as email address or full name
Yes US**
Mailgun Email delivery
  • Email address and email body
Yes EU
Good Data BI Analytics Tool
  • All customer data, providing the BI Reporting bolt-on has been purchased and enabled or you have Advanced Analytics included in your package
Yes EU

 

Other sub-processors

We use the third parties listed below to provide specific functionalities within the Service.

Sub-processor Purpose Data type Personal Data Service region
Atlassian

Service to track & manage tickets, Knowledge base

  • Contact details e.g. name, work-email
  • Tickets e.g. details of support requests
Yes EU
Pendo Product analytics platform
  • Contact details e.g. name, work-email
  • User usage data
Yes EU
Totango Active User Statistics
  • User full name, user status (confirmed/deactivated), user role and time stamped activity
Yes EU

Hubspot, Inc

Customer Relationship Management (CRM) 
  • Key contacts for Prospect's and Customer's (Full name, job role, and work-email) managed by Sales and Customer Success. No user data from platform is processed here. 
Yes US**

Microsoft

Email, File Storage, Word Processing and other office tools
  • Key contacts for Prospect's and Customer's (Full name, job role, and work-email)
  • Emails regarding support tickets raised by users (full name, email address)
Yes EU

Monday.com Inc

Project Management Tool
  • Product feedback submissions, internal and customer facing project management (Full name, job role and work-email). No user data from platform is processed here. 
Yes US**

Slack Technologies, LLC

Internal communications tool 
  • Communications between Learn Amp employees. Employees may discuss support tickets which include user data. Some user data which may be processed include full name and email address. 
Yes  US**

Google LLC

Analytics and marketing 
  • Marketing and analytics data, user tracking, IP address and geolocation. Users can opt-out from web analytics changing cookie settings. 
Yes US**

 

Sub-contractors

We use the third parties listed below to provide contracted resource

Sub-processor Purpose Data type Personal Data Service region
Exlabs

Development partner supporting product development

  • No access to data from outside our EU networks, as per GDPR guidelines.  
Yes EU
NVOY Technologies IT Managed Service Provider
  • Management of Learn Amp company IT. Access to administer company files, email and company devices. 
  • Management of VPN and network firewall: Our firewall is designed to monitor network traffic meticulously and scan for malicious content, ensuring the robust security of all customer data.
Yes UK
Monneypenny Call answering service
  • Answers our phone systems
Yes UK
Defense.com 24/7 SIEM Monitoring
  • Security logs from AWS and infrastructure services, API, VPN and active directory. IP addresses are included in these logs.
Yes EU
Offshore Team Development partner supporting product development
  • No access to data from outside our EU networks, as per GDPR guidelines. 
Yes PH

 

Content Delivery Networks (CDN)

We may use the CDN listed below for security purposes, and to optimize content delivery. CDNs are commonly used systems of distributed services that deliver content based on the geographic location of the user accessing the content and the origin of the content provider.

CDN
Cloudfront
Cloudflare

 

** With the recent extension of the EU-US Data Privacy Framework to include the United Kingdom, Learn Amp is committed to ensuring the highest standards of data privacy and security. This extension provides a robust mechanism for the lawful transfer of personal data from the EU and the UK to the United States.

Under this framework, Learn Amp adheres to stringent data protection principles, ensuring that any data transferred is subject to adequate safeguards and consistent with EU and UK data protection laws. Our commitment extends to working with third-party processors who are also compliant with these regulations.

We remain dedicated to transparency in our data processing activities and upholding the rights of our users under these enhanced data protection standards.

Try Learn Amp yourself

Take the first step to a new learning system your employees will love.

Homepage-1