/
55 Degrees Sub-Processors and Suppliers

55 Degrees Sub-Processors and Suppliers

At 55 Degrees, we are committed to protecting our customers' data. This page provides a transparent list of our sub-processors and suppliers who may handle customer data on our behalf. Our selection and management of these partners are guided by our commitment to information security and data privacy, aligning with the standards of ISO 27001, SOC 2, DORA and the GDPR.

All listed sub-processors are subject to a thorough security and risk assessment to ensure they meet our high standards for data protection.

Notification of Changes

We are committed to notifying our customers of any changes to our sub-processors. We will update this page and notify key customer contacts via email at least 30 days before engaging any new sub-processor that may process customer data.

Our Sub-processors and Suppliers

Below is a list of third-party companies that process data, which may include personal data, on behalf of 55 Degrees.

  • Data Handling: Each sub-processor handles data in strict accordance with the terms of a written contract and our customers' instructions.

  • Scope: This list includes only sub-processors to whom we send personal or user-generated data. Other vendors that do not process customer data are not listed.

  • Security Review: We regularly review all sub-processors to ensure their technical and organizational measures meet the standards required by applicable data protection laws. Links to their security measures are provided below.

  • Processing Duration: Personal data will be processed for the duration that the customer uses the applicable service and for the retention periods outlined in our privacy policies and customer agreements.

  • Relevance: Not all suppliers listed will be relevant to your specific usage of our tools. We have created sections to help you identify the suppliers relevant to your services.

You can use the links below to navigate directly to the relevant sections:

1 Notification of Changes | 2 Our Sub-processors and Suppliers | 3 Product Usage | 4 General Communication and Billing | 5 Marketing and Sales | 6 Customer Success & Support | 7 Training and Workshops

Product Usage

Relevant 55 Degrees privacy policies: https://www.55degrees.se/privacy/customer-employees. Our DPA, located in our customer agreement, is also relevant here.

Supplier

Which App(s)?

Purpose for the Processing or Storage

Which Data?

When?

Where?

Vendor Links

Supplier

Which App(s)?

Purpose for the Processing or Storage

Which Data?

When?

Where?

Vendor Links

Amazon AWS

All Cloud Apps

Hosting Logs (S3 Global, CloudFront)

  • IP address

When you use our Cloud applications

Global (Data stored in region of user)

DPA | Supplementary Addendum | UK Addendum

All Cloud Apps

Storage for configurations required for operation of applications or features.

  • User Account IDs (a pseudonymized string)

Depending on configurations required for providing functionality.

EU (Stockholm)

Options for those eligible for data residency:

  • US (N. Virginia)

  • Australia (Sydney)

Standalone SaaS Apps

Authorization for OAuth connections to work management systems like Jira Cloud

  • OAuth Access Token (encrypted)

When you use an OAuth based wizard to connect to your work management system

EU (Frankfurt)

Apps in Azure DevOps

Processing authorization for our embedded Azure app.

  • Azure authenticated User ID

 

When you access ActionableAgile within your Azure DevOps Services instance

EU (Frankfurt)

DataDog

All Cloud Apps

Compliant log aggregation/management and security monitoring

 

When you use our Cloud applications

EU (Germany)

DPA | Privacy

Google Cloud (Firebase)

replacing with AWS

 

Apps in Azure DevOps

Storage of Authorized User Information.

  • Azure authenticated User ID

When you access our products within your Azure DevOps Services instance

EU

DPA | Privacy

Google Cloud (Firebase)

replacing with AWS

 

Our Standalone SaaS Apps

User Authentication

Processing/Storage of Authorized User Information.

  • Identifier (Email Address)

  • Authentication Provider Used

  • Created Date

  • Last logged-in date

  • Unique User ID

When you log into ActionableAgile Analytics (https://analytics.actionableagile.com)

EU

DPA | Privacy

MixPanel

All Cloud Apps

Product Usage Analytics

  • Subscription ID

  • Email domain of billing contact

  • Product Event information

  • Information about the computer, browser, and session length

  • Referrer URL/Domain

When you use our Cloud applications (not relevant for Server or Data Center Customers)

EU

DPA | Privacy

Product Fruits

All Cloud Apps

In-App User Help and Messaging (General and Context-Specific)

Measuring usefulness of in-app user help and messaging.

  • Unique user ID

  • Interaction analytics

  • Key user actions (to display contextual user messaging)

When you use our Cloud applications

EU

DPA | Privacy

Sentry

replacing with data dog

All Cloud Apps

Error logging and handling

  • Organization’s subscription ID

  • Information about the user’s computer, browser

When you experience a javascript error while using one of our Cloud applications

USA

DPA | Privacy

Jump to top

General Communication and Billing

All 55 Degrees privacy policies contain relevant purposes: https://www.55degrees.se/privacy/marketing , https://www.55degrees.se/privacy/websites , https://www.55degrees.se/privacy/suppliers , https://www.55degrees.se/privacy/customer-employees , https://www.55degrees.se/privacy/complaints

Supplier

Purpose for the Processing or Storage

Which Data?

When?

Where?

Vendor Links

Supplier

Purpose for the Processing or Storage

Which Data?

When?

Where?

Vendor Links

Docusign

Signing digital documents

  • Name

  • Email address

  • Signature

  • Signature Date

  • Location

  • Other information as required to fill in the document.

When you request access to restricted documents on trust.55degrees.se or if we otherwise, during our interactions, require the signing of digital documents.

EU

DPA | CertificationsPrivacy

Google Ireland

(Google Workspace, including Email)

 

Customer Email Communication

  • Email subjects,

  • Email bodies,

  • Email attachments,

  • Email senders,

  • Email message recipients

When you email us.

All data is stored at rest in Europe.

What data is covered by a data region policy?

DPA | Privacy

Kleer Group AB

(HQ: Sweden)

 

Quoting and Invoicing for customers paying by wire transfer

  • Email address(es)

  • Full Name

  • Organization Name & VAT number

  • Billing Address

When you request a quote or an invoice for products or services sold directly from 55 Degrees.

EU

DPA upon request | Privacy

 

Microsoft (Teams, OneDrive)

 

Video Meetings and Recording storage

  • Name and Email address of those registered for, and attending, a meeting

  • Chat logs

  • Video recordings (only upon consent of attendees)

When you register for or attend, a meeting hosted on the service.

EU

DPA | Privacy

Quaderno

 

SaaS VAT/Tax Compliance Service

  • Personal identification data: full name, address, phone number, and email address.

  • Financial data: tax ID, VAT number, bank account number, invoices, and credit notes.

  • Device-specific data: IP address (to comply with EU VAT rules for e-services).

When you purchase a paid course or other plans within the community

EU (Amsterdam)

via Digital Ocean’s data center

DPA | Privacy

Recurly

 

Subscription Management, including selected Transactional Emails

  • Email address(es)

  • Full Name

  • Organization Name & VAT number

  • Billing Address

  • Credit Card Information

  • Coupons applied

  • Account notes

  • Audit log of account management actions 

  • Audit log of system-generated emails sent to the customer

When you start, update, or cancel an evaluation or paid subscription for ActionableAgile Analytics (https://analytics.actionableagile.com ) or ActionableAgile for Azure DevOps.

USA

DPA | Privacy

 

Stripe

 

 

Credit card payment processing

  • Email address(es)

  • Full Name

  • Organization Name & VAT number

  • Billing Address

  • Credit Card Information

Upon purchase or renewal of a paid subscription for ActionableAgile Analytics (https://analytics.actionableagile.com ) or ActionableAgile for Azure DevOps.

Upon purchase or renewal of a paid course or plan for the Community Site.

USA

DPA | Privacy

Zoom

 

Video Meetings

Meeting Recording storage

Meeting Scheduling Service

  • Name and Email address of those registered for, and attending, a meeting

  • Chat logs

  • Video recordings (only upon consent of attendees)

When you register for or attend, a meeting hosted on the service.

USA (data at rest)

EU (data in transit)

DPA | Privacy

Jump to top

Marketing and Sales

Relevant 55 Degrees privacy policies: https://www.55degrees.se/privacy/websites, https://www.55degrees.se/privacy/marketing,

Supplier

Purpose for the Processing or Storage

Which Data?

When?

Where?

Vendor Links

Supplier

Purpose for the Processing or Storage

Which Data?

When?

Where?

Vendor Links

Brevo

Send Marketing Emails and track unsubscribe requests

  • Email Address

  • Date and method of consent

  • Newsletters subscribed to

  • Optional information provided such as Name, Company, Relevant interests

When you subscribe to our mailing lists

EU

DPA | Privacy

Hubspot

To track and manage product evaluations (pre-sales activities).

  • Name and Email address for crucial account contacts and power users

  • A record of activities with and emails to/from users associated with an account

  • Evaluation information (application, term, date, etc.)

When you sign up for, and communicate with us about, an evaluation/trial for one of our apps.

EU (Germany)

DPA | Privacy

Navattic

 

Understand the effectiveness of our interactive product demos

  • Pseudonymized identifier

  • information about how you interacted with our demo videos

When you view or interact with a product demo on our marketing websites.

USA

DPA | Privacy

WIX

 

Website Creation and Hosting Provider

  • WIX automatically collects information such as IP address, browser, OS, etc.

When you visit our website at https://55degrees.se

USA, EU, Japan, Israel (depending on what the information is and if WIX is using a subprocessor).

DPA | Privacy | Cookie Policy | ISO 27001 Compliance

Wordpress by Automattic

Website Creation and Hosting Provider. Services used:

  • wordpress.com

  • Akismet

  • Jetpack

  • Wordpress automatically collects information such as IP address, browser, OS, etc for their hosting logs.

When you visit our website at https://actionableagile.com

USA

DPA upon request | Privacy

Jump to top

Customer Success & Support

Relevant 55 Degrees privacy policy: https://www.55degrees.se/privacy/customer-employees

Supplier

Purpose for the Processing or Storage

Which Data?

When?

Where?

Vendor Links

Supplier

Purpose for the Processing or Storage

Which Data?

When?

Where?

Vendor Links

Arcade

 

Understand the effectiveness of our interactive product tutorials

  • Pseudonymized identifier

  • Hotspot interactions

  • CTA clicks

  • Step progress

When you decide to play an interactive product tutorial

USA

DPA | Privacy

Jira Service Management (Atlassian Corporation Plc)

 

Customer Support Request Management

  • Name and Email address

  • Organization name

  • Email address for issue participants

  • Content added to support requests  

Upon support request creation.

EU/EEA (primary)

USA (subset of core data)

DPA | Privacy | Data Transfer Impact Assessment