Sub-processors

Bright Interactive use a select number of sub-processors to support the delivery of our services. Each sub-processor has been assessed for their ability to provide appropriately secure services and are themselves providing relevant assurances, policies and Data Processing Agreements that we have entered into.

We are also monitoring the ongoing compliance work of our providers and adjusting our own processes to make the most of any additional privacy options available.

Our current list of Dash sub-processors that process client data are:

  • Amazon Web Services - Infrastructure, file storage and processing services for our hosted products. Based in USA.

  • Google Inc - Email and administrative support applications. Based in USA.

  • Hubspot Inc - Processing of user information for notifications and service provision. Based in USA.

  • Blitline LLC - Image processing. Based in USA, with data remaining in the EU.

  • Auth0 - Authorisation and user management. Based in USA.

  • LogDNA - Application logging. Based in USA.

  • Microsoft Azure - Cloud services, including geolocation services. Based in USA.

  • Intercom - Customer Support platform. Based in USA.

  • Zencoder - Video encoding. Based in USA.

  • ConvertAPI - Document conversion. Based in EU.

  • Datadog, Inc - Application logging. Based in USA, with data being stored in the EU.

  • cloudHQ - cloud data migration. Based in USA, data not stored by cloudHQ.

These lists will be kept up to date with any changes to our sub-processors. You can sign up to receive email notifications about proposed changes by e-mailing help@brightdash.com or by starting a conversation with us using the chat button on this page.

International Data Transfer

Customer data in Dash is hosted by Amazon Web Services (AWS) in their EU regions. For more information about our hosting and security practices, please see our Security Overview page.

Additionally, the GDPR gives multiple ways for personal data to be transferred outside of the EU. This is relevant for the processing of personal data that may occur, upon request of our customers, for support and consultancy purposes. 

Our Terms and Conditions include the European Commission-approved Standard Contractual Clauses in order to ensure the controlled transfer of data outside of the EU, as well as other assurances such as E.U. - U.S. Privacy Shield certification and Binding Corporate rules where appropriate. Additionally, all of our providers make strong commitments related to the restriction of access to the data that is stored with them.

Did this answer your question?