Perceptyx Sub-Processors
Sub-Processors
Posted April 7, 2025 - Effective as of May 7th
Perceptyx uses certain sub-processors to assist in providing Perceptyx services. A sub-processor is a third party data processor engaged by Perceptyx who agrees to receive personal data from Perceptyx intended for processing activities necessary to support delivery of services. Perceptyx performs due diligence on the technical and organizational security measures of all sub-processors, and requires each to commit to obligations regarding their security controls and applicable regulations for the protection of personal data.
he table below shows information for each sub-processor including the sub-processing activity, the company’s location of processing, the services in which the sub-processor is used and the lawful transfer mechanism. To see archived versions of Perceptyx ‘s Authorized Sub-processors, click here.
Third Party Sub-Processors
|
Entity Name |
Sub Processing Activity |
Entity Country |
Product(s) |
Lawful Transfer Mechanism |
|
Amazon Web Services, Inc. |
Cloud compute servers and storage; communications |
USA, EU | All Perceptyx Products | Data Privacy Framework, SCC |
|
Microsoft Corporation |
Cloud compute servers and storage, and/or language translation of comments |
USA |
All Perceptyx Products |
Data Privacy Framework, SCC |
|
Google LLC |
Cloud computing as well as incidental account management and administration |
USA |
All Perceptyx Products |
Data Privacy Framework, SCC |
|
Datadog, Inc. |
Infrastructure monitoring |
USA |
All Perceptyx Products |
Data Privacy Framework, SCC |
|
Mixpanel, Inc. |
Product Analytics |
USA |
All Perceptyx Products |
Data Privacy Framework, SCC |
|
OKTA, Inc. (IaaS) |
IDP MFA SSO SAML provider |
USA |
All Perceptyx Products |
Data Privacy Framework, SCC |
|
Snowflake, Inc. |
Data warehouse |
USA, EU |
All Perceptyx Products |
Data Privacy Framework, SCC |
|
Splunk, Inc. |
Security monitoring, logging and analytics |
USA |
All Perceptyx Products |
Data Privacy Framework, SCC |
|
Slack, Inc. |
Incidental account administration |
USA |
Customer Support |
Data Privacy Framework, SCC |
|
Textline, Inc. |
Customer support |
USA |
Customer Support |
SCC |
|
Call Experts, LLC |
Customer support |
USA |
Customer Support |
SCC |
|
Freshworks Inc. |
Used to receive and track customer support tickets |
USA |
Customer Support |
Data Privacy Framework, SCC |
|
LenioLabs, LLC |
Supplemental product engineering support and professional services. |
Argentina, Chile, Uruguay, Peru |
Product Support, Professional Services |
SCC |
|
Encora Digital LLC |
Supplemental product engineering support and professional services. |
Bolivia, Colombia, India, Mexico, Peru |
Product Support, Professional Services |
SCC |
|
Multiplier Technologies Pte. Ltd., |
Supplemental product engineering support and professional services. |
Argentina, Armenia, Australia, Czech Republic, Poland, Romania, USA |
Product Support, Professional Services |
SCC |
Optional Third Party Sub-Processors
|
Entity Name |
Sub Processing Activity |
Entity Country |
Product(s) |
Lawful Transfer Mechanism |
|
OpenAI, LLC |
AI capabilities, including generative AI |
USA |
Generative AI Products (Customer opt in required). Consulting services. |
SCC |
|
Twilio, Inc. |
Text messages for launching surveys; communications. |
USA |
Core (formerly Ask) |
Data Privacy Framework, SCC |
|
Responsive Translation Services (Clark Media Corp) |
Translation of non-English materials, including survey questions |
USA |
All Perceptyx Products |
SCC |
Perceptyx may also engage one or more of its affiliates as sub-processor to deliver some or all of the services.
|
Entity Name |
Sub Processing Activity |
Entity Country |
|
Perceptyx, Inc. |
General services and support |
USA |
What responsibilities and liabilities does Perceptyx have as processors for our clients?
In addition to SCC and DPA contractual obligations to our clients, or the data controllers, Perceptyx is also held liable under GDPR. If we fail to meet our obligations, or act outside or against the data controller’s instructions, we may be liable to pay damages in legal proceedings, or be subject to fines or other penalties or corrective measures.
As a data processor, we can not engage a sub-processor’s services without the data controller’s prior specific or general written authorization in the SCC and DPA. Agreements must be amended anytime a new data processor is added. To get authorization we as Perceptyx (the processor) must put in place a contract with the sub-processor. The terms of the contract that relate to Article 28(3) must offer an equivalent level of protection for the personal data as those in the contract between the controller and processor. We remain liable to the controller for the compliance of any sub-processors we engage.
How does Perceptyx select Sub-processors to support our service?
Any sub-processor that we choose must have the same level of controls that meet GDPR. Perceptyx ensures a proper vetting process to meet our strategic goals & values when we choose a new sub-processor. All sub-processors that we have chosen (AWS, Azure, and Okta) are well suited to meet the controls of GDPR.
When does Perceptyx communicate about sub-processors?
Sub-processors are shared during the initial signing of a new contract, renewal, or at any point a new sub-processor is added. Email communications are sent to our client partners of any pending changes, giving them the opportunity to comment. Any individual objections, comments, or needs will be supported by the Client Relationship Manager. This page will also continuously be updated with a current list of sub-processors and what they do for us.
We have no objections. Do we need to physically amend the agreements now?
If no objection within the 30-day window, agreement to the sub-processor additions is implied and no further action will need to be taken until time of contract renewal. If individual clients object or have immediate contract requirements, please reach out to your Client Relationship Manager for support. It is recommended to update the agreements at the time of the renewal for customers that have agreed.
Objecting to A Sub-Processor
Please submit your reasonable objection via this LINK. If you first have additional questions, please reach out to your Client Relationship Manager for further support.