Patent Notice

ASAPP products may be covered by the following patents:

ASAPP, Inc. (“ASAPP”) uses certain sub-processors, and content delivery networks to assist it in providing the ASAPP Services.

What is a Sub-processor?

A sub-processor is a third-party data processor engaged by ASAPP, who has or potentially will have access to or process customer data (which may contain personal data). ASAPP engages different types of sub-processors to perform various functions as explained in the tables below.

Due Diligence

ASAPP undertakes to use a commercially reasonable selection process by which it evaluates the security, privacy and confidentiality practices of proposed sub-processors that will or may have access to or process customer data.

Contractual Safeguards

ASAPP executes an agreement with our Subprocessors, including but not limited to the requirements to:

  • Restrict the Subprocessors’ access to customer data only to what is necessary to assist ASAPP in providing or maintaining the ASAPP Services, and prohibit the Subprocessor from accessing customer data for any other purpose
  • In connection with their sub-processing activities, use only personnel who are reliable and subject to a contractually binding obligation to observe data privacy and security, to the extent applicable, pursuant to applicable data protection laws
  • Make clear that ASAPP will remain responsible for its compliance with the obligations of any applicable agreements between us and our customers and for any acts or omissions of the Subprocessor that cause ASAPP to breach any of its obligations under those agreements
  • Implement and maintain appropriate technical and organizational measures (including measures consistent with those to which ASAPP is contractually committed to adhere to insofar as they are equally relevant to the sub-processor’s processing of Personal Data on ASAPP’s behalf) and provide an annual certification that evidences compliance with this obligation. In the absence of such certification ASAPP reserves the right to audit the sub-processor
  • Promptly inform ASAPP about any actual or potential security breach and cooperate with ASAPP in order to deal with requests from data controllers, data subjects or data protection authorities, as applicable

The information below is a list of third-party sub-processors, and content delivery networks used by ASAPP as of the date of this policy (which ASAPP may use in the delivery and support of its Services).

Sub-processors—Service Data Storage and Processing

ASAPP owns or controls access to the infrastructure that ASAPP uses to host and process customer data submitted to the ASAPP Services, other than as set forth herein. Currently, the ASAPP production systems used for hosting customer data for the ASAPP Services are located in co-location facilities in the United States and Europe and in the infrastructure sub-processors listed below.

Sub-processorServices ProvidedActual Location of ProcessingLink to Security Policy
ASAPP SAS Ltd. (Argentina)Employees of ASAPP’s wholly owned subsidiary located in Argentina who perform engineering and development servicesArgentinaNo link
To be provided by Processor
ASAPP Limited (UK)Employees of ASAPP’s wholly owned subsidiary located in the UK who perform engineering and development servicesUKNo link
To be provided by Processor
ASAPP UY SA (Uruguay)Employees of ASAPP’s wholly owned subsidiary located in Uruguay who perform engineering and development servicesUruguayNo link
To be provided by Processor
ASAPP Canada Inc. (Canada)Employees of ASAPP’s wholly owned subsidiary located in Canada who perform engineering and development servicesUruguayNo link
To be provided by Processor
ASAPP India(initially through Vistra as EOR)Employees of ASAPP’s wholly owned subsidiary located in India who perform engineering and development servicesIndiaNo link
To be provided by Processor
ASAPP Employees working remotelyEmployees of ASAPP that work remotely (for example while on vacation)All counties except for any country subject to US OFAC sanctions, or whose laws or general geopolitical environment poses a reasonable risk to the protection of dataNo link
To be provided by Processor
AWSHosting services for the ASAPP PlatformUShttps://aws.amazon.com/security/
Flexential, Inc.Colocation servicesUShttps://www.flexential.com/compliance-certifications-and-attestations
TranscribeMeSpeech Transcription Services and UMR data annotation and labeling servicesUS, Canada, Portugal, UK, Australia, New Zealandhttps://www.transcribeme.com/privacy-policy-crowd
SisenseData analyticsUShttps://www.sisense.com/privacy-policy/
ZendeskProduction Incident ReportingUShttps://www.zendesk.com/product/zendesk-security/
Apple Business ChatCustomer CommunicationUShttps://www.apple.com/privacy/
Google MessagingCustomer CommunicationUShttps://policies.google.com/privacy
Google Cloud PlatformSpeech-to-textUShttps://cloud.google.com/security/
TwilioSends application texts/SMS for customer configured alertsUShttps://www.twilio.com/legal/privacy
Meta Platforms, Inc.WhatsApp messaging serviceUShttps://www.whatsapp.com/security
Lohika (part of Capgemini Engineering)Engineering servicesUS, Indiahttps://capgemini-engineering.com/us/en/privacy-policy
Toptal ServicesEngineering servicesUSA, India, Czech Republichttps://www.ltts.com/about-us/quality-enabling-business-excellence
https://www.ltts.com/privacy-policy
Deel GroupEmployer of Record for engineering servicesSri Lanka, Greecehttps://www.letsdeel.com/privacy
OpenAIAI training and predictions APIsUShttps://openai.com/privacy/
Surge Labs Inc.Data LabelingUShttps://www.surgehq.ai/privacy-policy
Defined AIData LabelingUShttps://www.defined.ai/privacy-policy/
CoreWeaveGPU ProcessorUShttps://docs.coreweave.com/resources/terms-of-service/security-and-compliance
SnowflakeData warehousingUShttps://www.snowflake.com/product/security-and-trust-center/
CohereAI trainingUShttps://cohere.ai/privacy
CloudflareContent distribution, web application firewall and DNS services for web traffic transmitted to and from the ServicesUShttps://www.cloudflare.com/trust-hub/abuse-approach/
MiratechEngineering ServicesUSA, Canada, India, Argentina, Uruguay, UK, Spainhttps://miratechgroup.com/privacy-notice-terms-of-use/