This shows you the differences between two versions of the page.
Both sides previous revision Previous revision Next revision | Previous revision Last revision Both sides next revision | ||
wiki:policies:third_party [2023/10/06 16:37] katcow |
wiki:policies:third_party [2024/03/03 23:59] katcow |
||
---|---|---|---|
Line 1: | Line 1: | ||
- | ====== Third-Party Services and Subprocesors | + | ====== Third-Party Services and Subprocessors |
===== I. Purpose ===== | ===== I. Purpose ===== | ||
Line 29: | Line 29: | ||
Subprocessors handle user data processing tasks on behalf of the software application. | Subprocessors handle user data processing tasks on behalf of the software application. | ||
- | ^Name (Manufacturer)^ \\ Data Processing Agreement^Critical to application? | + | ^Name (Manufacturer)^ \\ Data Processing Agreement^Critical to application? |
- | |Airplane.dev|Signed, | + | |Airplane.dev|Signed, |
- | |Auth0|[[https:// | + | |Abstra| |No|Internal customer support applications|User emails and billing data|Brazil| |
- | |HubSpot|[[https:// | + | |Auth0|[[https:// |
- | |Metabase|[[https:// | + | |HubSpot|[[https:// |
- | |OpenAI|Signed, | + | |Metabase|[[https:// |
- | |Scite|[[https:// | + | |OpenAI|Signed, |
- | |Stripe|[[https:// | + | |Scite|[[https:// |
+ | |Stripe|[[https:// | ||
==== List of Infrastructure Providers ==== | ==== List of Infrastructure Providers ==== | ||
Line 43: | Line 44: | ||
^Name (Manufacturer)^Data Processing Agreement^Purpose^Data Processed| | ^Name (Manufacturer)^Data Processing Agreement^Purpose^Data Processed| | ||
- | |AWS (Amazon)|[[https:// | + | |AWS (Amazon)|[[https:// |
|GCP (Alphabet)|[[https:// | |GCP (Alphabet)|[[https:// | ||
Line 67: | Line 68: | ||
We will document roles. responsibilities, | We will document roles. responsibilities, | ||
+ | |||
+ | Upon client request, disclosure of all contracts with third party service providers where such third party service providers are involved in the client' | ||
==== Compliance and Updates ==== | ==== Compliance and Updates ==== | ||
Line 74: | Line 77: | ||
==== Communicating Updates ==== | ==== Communicating Updates ==== | ||
- | When new third party subprocessors | + | When new third party sub-processors |
+ | |||
+ | ==== Termination of Services ==== | ||
+ | |||
+ | When Nested Knowledge terminates a contract with a sub-processor, | ||
===== V. Third-Party Provider Data Breaches ===== | ===== V. Third-Party Provider Data Breaches ===== | ||
- | ^Timestamp^Event^Description^Reported By^Status| | + | ^Timestamp^Event^Description^Reporting^Status| |
- | |01-17-2023 10:34 ET|insert here|insert| |Resolved 01-17-2023 10:37 ET| | + | | \\ 07-13-2023 - \\ \\ 07-28-2023|Detection of vulnerabilities|Vulnerabilities with the H2 database.|[[https:// |
+ | | \\ 03-20-2023 1:00AM PT - \\ \\ 03-20-2023 10:00 AM PT|Leakage of other users' personal data|Other active users name, email address, credit card number, and credit card expiration date were visible to active Open AI users managing their subscriptions.|[[https:// | ||
+ | |03-18-2023|Compromised employee account|Affected 30 accounts in the Cryptocurrent industry.|[[https:// | ||
===== Revision History ===== | ===== Revision History ===== |