List of Sub-processors
Last updated: December 2024
This page provides transparency about the third-party sub-processors that Hypersequent DMCC ("we", "us", "our") engages to process personal data on behalf of our customers when providing QA Sphere services. These sub-processors assist us in delivering, securing, and improving our services.
What is a Sub-processor?
A sub-processor is a third-party data processor engaged by Hypersequent who has or may have access to or process personal data provided by our customers. We conduct due diligence on all sub-processors to ensure they provide a level of data protection consistent with our Privacy Policy and applicable data protection laws.
Current Sub-processors
The following table lists the sub-processors we currently use for data processing activities:
| Sub-processor | Nature and Purpose | Categories of Personal Data | Location | Security Measures |
|---|---|---|---|---|
| Amazon Web Services, Inc. | Cloud hosting provider | Personal data contained in user account information and text or files created by customer and stored in Applicable Products | EEA (Ireland), USA, Singapore | AWS Compliance Portal |
| Cloudflare, Inc. | Content Delivery Network (CDN), caching, security services, serverless page/functions hosting | Personal data contained in web traffic during trial registration on the qasphere.com landing page | Global | Cloudflare Trust Hub |
| Bright Market, LLC (dba FastSpring) | Payment processor | Payment information, billing details, and related personal data | USA, EEA (Germany), UK | FastSpring Trust Center |
| AC PM LLC (dba Postmark) | Sending transactional emails | Email addresses, names, and any data included in transactional emails | USA | Postmark Security |
| Functional Software, Inc. (dba Sentry) | Monitoring of systems for errors | Error data, log files, and potentially personal data included in error reports | USA, EEA (Germany) | Sentry Trust Center |
| OpenAI, LLC | Provider of AI services | Personal data processed during AI tasks | USA | OpenAI Trust Portal |
| Better Stack, Inc. | Website monitoring, incident management and logging platform | Identifiers in log files, information that may be personally identifiable | USA | Better Stack Security |
Data Processing Agreement
Our Data Processing Agreement (DPA) governs how we process personal data on behalf of our customers and forms part of the Terms of Use. It incorporates the EU Standard Contractual Clauses for international data transfers.
A custom Data Processing Agreement with signatures is available upon request for enterprise customers with specific compliance requirements. Please contact us at [email protected] to request a signed DPA.
Updates to This List and Notifications About New Sub-processors
We may update this list from time to time, for example when we add new sub-processors or stop working with existing ones.
When we intend to add or replace a sub-processor that will process personal data on behalf of QA Sphere customers, we will:
- update this page, and
- provide affected customers with prior notice at least 10 days before the change becomes effective, for example by email to the account owner or designated contact and/or by in-app notification.
This advance notice is designed to give customers the opportunity to review the proposed sub-processor and, where applicable, exercise any right to object as described in their Data Processing Agreement or the applicable Standard Contractual Clauses.
If we stop using a sub-processor, we may update this list to remove that sub-processor without advance notice.
We also recommend checking this page periodically to stay informed about our current sub-processors. If you have questions about our sub-processors or data processing practices, please contact us at [email protected].