Siteimprove as a data processor
When providing services through the Siteimprove Intelligence Platform, Siteimprove operates as a data processor under the General Data Protection Regulation (EU) 2016/679 (“GDPR”) and a Service Provider under the California Consumer Privacy Act (“CPRA”).
Any personal data processed by Siteimprove when providing the services is processed according to the direct and documented instructions from a data controller or Business, as applicable, i.e. the customer.
As the processor of customer data, Siteimprove encourages all customers to enter into a DPA with Siteimprove.
Customers wishing to use Siteimprove's DPA or CPRA Addendum, can download it from this site.
Data Processing Agreement
This Data Processing Agreement (“DPA”) forms part of the Master Subscription Agreement (the “MSA”) entered into between customer and Siteimprove.
The purpose of the DPA is to regulate the terms and conditions with regard to the processing of personal data, in accordance with the requirements of the General Data Protection Regulation (EU) 2016/679 (“GDPR”). Some of the aspects covered in the DPA are;
- Scope and purpose of the processing
- The categories and types of data processed on customers behalf
- The technical security measures and how data is protected
To execute this DPA:
- Choose governing national law under clause 12
- Countersign the DPA
- Send the signed document to privacy@siteimprove.com
Siteimprove's Data Processing Agreement can be downloaded here.
CPRA DPA
This CPRA DPA forms part of the Master Subscription Agreement (the “MSA”) entered into between customer and Siteimprove.
The purpose of the CPRA DPA is to regulate the terms and conditions with regard to the processing of personal data, in accordance with the requirements of the California Consumer Privacy Act, Cal. Civ. Code §§ 1798.100 et seq. (CPRA).
To execute this DPA:
- Countersign the document
- Send the signed document to privacy@siteimprove.com
Siteimprove's CPRA DPA can be downloaded here.
Sub-processors
Siteimprove may use third parties to assist in delivering our Services - so called sub-processors.
On this page we maintain a list of the sub-processors used when we act as a data processor for customers using the Siteimprove Intelligence Platform.
The third parties listed below are used to host our customer data and to provide specific functionality within the Service.
| Company | Information | Location and description of processing |
|---|---|---|
| InterXion | Company registration number: 25147022 Registered office: Industriparken 20A, 2750 Ballerup, Denmark |
Denmark, Ballerup Primary hosting location for the Siteimprove infrastructure. This location contains the bulk of the Siteimprove application logic and the various database back-ends. |
| Amazon Web Services EMEA SARL | Company registration number: B-93815 Registered office: 38, Avenue John F. Kennedy, L-1855 Luxembourg AWS entity: A100 ROW GmbH |
Frankfurt, Germany Hosting location for some of our service components, which mainly relates to the storage of crawled content from Customers’ websites by the Quality Assurance service. |
| SingleStore | Company registration number: C3400137 Registered office: 534 4th St, San Francisco, CA 94107, USA |
Frankfurt, Germany Relational database used in order to deliver Analytics-based services. |