Subprocessors

An overview of our subprocessors

Last Updated: September, 2020



To support delivery of our Services, Virtual Vaults Nederland B.V. may engage and use data processors with access to certain client data (each, a "Subprocessor"). This page provides you with information about the identity and location of each Subprocessor.

Virtual Vaults currently uses third party Subprocessors to provide infrastructure services, and to help us provide customer support and send out email/SMS notifications. Before engaging any third party Subprocessor, Virtual Vaults performs an audit in order to evaluate their privacy, security and confidentiality practices.


Primary Subprocessor

Data that is uploaded by our customers is only processed by our primary subprocessor. Data is only processed in the region that is chosen by the customer.

Microsoft Azure

Data processing locations

  • European Union (the Netherlands, backup in Ireland) - Default
  • The Netherlands
  • United Kingdom

  • Compliance offerings

    • ISO/IEC 27001:2013 (Information security)
    • ISO/IEC 27017:2015 (Cloud security)
    • HIPAA / HITECH
    • Baseline Informatiebeveiliging Rijksdienst standard (BIR 2012)
    • SOC 1 type II
    • SOC 2 type II
    • SOC 3

    More information: https://www.microsoft.com/en-us/trust-center/compliance/compliance-overview


    Supporting Subprocessors

    These processors do not have access to data that is uploaded by our customers. Virtual Vaults ensures that all subprocessors comply with the European privacy laws.

    Docusign

    Compliance offerings

    • SOC 1 type II
    • SOC 2 type II
    • ISO 27001
    • ExDTM Standard
    • PCI DSS
    • CloudTrust

    More information: https://trust.docusign.com/en-us/trust-certifications/gdpr


    SendGrid

    Compliance offerings

    • SOC2 Type II
    • Cloud Security Alliance

    More information: https://sendgrid.com/policies/privacy/services-privacy-policy/


    Twilio

    Compliance offerings

    • SOC2 Type II
    • TRUSTe’s Privacy Seal Cloud
    • Cloud

    More information: https://www.twilio.com/legal/privacy


    Zendesk

    Compliance offerings

    • SOC2 Type II
    • ISO 27001
    • TRUSTe’s Privacy Seal Cloud
    • Cloud

    More information: https://www.zendesk.com/company/customers-partners/eu-data-protection


    Drift

    Compliance offerings

    • SOC2 Type II
    • Cloud Security Alliance

    More information: https://www.drift.com/security/


    Mailchimp

    Compliance offerings

    • SOC 2 Type 2
    • TRUSTe’s Privacy Seal Cloud
    • EU-US Privacy Shield

    More information: https://mailchimp.com/about/security


    Chargibee

    Compliance offerings

    • SOC 2 Type II

    More information: https://www.chargebee.com/privacy/


    GoCardless

    Compliance offerings

    • ISO 27001

    More information: https://gocardless.com/privacy/


    Templafy

    Compliance offerings

    • SOC 2 Type I

    More information: https://www.templafy.com/privacy/