T-Systemm engages a limited number of third-party service providers ("Subprocessors") to assist in delivering the Service. Each Subprocessor is bound by a data processing agreement that imposes obligations no less protective than those in our DPA.
Current Subprocessors
| Subprocessor | Purpose | Data Processed | Location |
|---|---|---|---|
| Amazon Web Services (AWS) | Cloud infrastructure and hosting | All Service data (encrypted) | EU (Frankfurt) / US |
| Stripe | Payment processing | Billing name, email, payment method | US (SCCs in place) |
| Google Analytics | Website analytics | Anonymized usage data (IP anonymization enabled) | US (SCCs in place) |
| Mailgun | Transactional email delivery | Email address, name | EU (Frankfurt) |
| Sentry | Error monitoring and diagnostics | Technical error data (no compensation data) | US (SCCs in place) |
Note: Compensation and employee data is only processed by AWS (infrastructure hosting). Payment, email, analytics, and error-monitoring services do not have access to your organizational or compensation data.
Changes to Subprocessors
We notify all clients via email at least 30 days before engaging a new Subprocessor or replacing an existing one. The notification includes:
- Name and website of the Subprocessor
- Purpose of the engagement
- Categories of data to be processed
- Data hosting location
Objection Process
If you have concerns about a new Subprocessor, you may object in writing within 14 days of the notification. We will work with you to find an acceptable alternative. If no alternative is feasible and the objection is reasonable, you may terminate the affected Service component without penalty.
Stay Updated
To receive Subprocessor change notifications, ensure your account email is current, or subscribe to updates by contacting privacy@t-systemm.net.
Questions
For questions about our Subprocessors or data processing practices: privacy@t-systemm.net