Follow us on our LinkedIn Page

Last Updated on September 11, 2023

ConstructN Corp utilizes various sub-processors and content delivery networks to support the provision of its services, as described in the Terms of Service. 

 

What is a sub-processor?

A sub-processor refers to any entity or individual that either has or may have access to personal data. This document elucidates ConstructN’s selection process for evaluating a sub-processor’s data handling practices, including security, privacy, and confidentiality.

 

Due Diligence

ConstructN is committed to employing a commercially reasonable selection process for assessing the security, privacy, and confidentiality practices of potential sub-processors who may access or process Service Data.

Contractual Safeguards

ConstructN mandates that its sub-processors adhere to equivalent obligations as specified in the Data Processing Agreement (“DPA”). These obligations encompass, among others:

  • Processing personal data in accordance with the data controller’s instructions.

  • Utilizing personnel who are dependable and bound by obligations of data secrecy or telecommunications secrecy, as applicable under relevant data protection laws.

  • Providing regular training in security and data protection for personnel with access to Personal Data.

  • Implementing and maintaining appropriate technical and organizational measures, relevant to their processing of personal data, with annual certification of compliance. In the absence of such certification, ConstructN reserves the right to conduct an audit of the sub-processor.

  • Promptly notifying ConstructN of any actual or potential security breaches.

  • Cooperating with ConstructN to address requests from data controllers, data subjects, or data protection authorities, as applicable.

Please note that this policy does not grant customers any additional rights or remedies and should not be construed as a binding agreement. The information herein serves to illustrate ConstructN’s engagement process for sub-processors and to provide the current list of third-party sub-processors and content delivery networks in use as of the date of this policy.

Process to Engage New sub-processors

For all customers who have accepted the standard exhibit, ConstructN commits to providing notice via this policy of updates to the list of sub-processors used or proposed for use in delivering its services. ConstructN pledges to regularly update this list to keep its customers informed about the scope of sub-processing associated with ConstructN Services.

Pursuant to the DPA, a customer has the right to object in writing to the processing of its Personal Data by a new sub-processor within thirty (30) days after the update of this policy. The objection should include legitimate reasons. Failure to object within this time frame implies acceptance of the new sub-processor(s).

 

In the event that a Customer objects to the use of a sub-processor per the DPA process, ConstructN has the following options for resolution:

(a) Ceasing the use of the sub-processor regarding Personal Data.

(b) Implementing corrective actions requested by the customer in its objection and proceeding to use the sub-processor for processing Personal Data.

(c) Ceasing to provide the particular aspect of a Customer Service that would involve the use of the sub-processor to process Personal Data, as agreed upon by the Customer.

Termination rights, when applicable and agreed upon, are exclusively defined in the DPA.

Current List of sub-processors and Content Delivery Networks (as of the date of this policy):

Infrastructure Sub-processors – Service Data Storage

ConstructN owns or controls access to the infrastructure hosting Service Data submitted to the Services, except as indicated below. Presently, ConstructN’s production systems for the Services are located in the United States. While the Customer’s Service Data remains in that region, it may be transferred among data centers within the region to ensure service performance and availability. The following table outlines the countries and legal entities involved in the storage of Service Data:

  • Cloud Service Providers:

    • Amazon Web Services: USA

Service Specific Sub-processors

ConstructN collaborates with specific third-party providers to deliver distinct functionalities within the Services. These providers are the sub-processors listed below, and they access Service Data solely for the purposes related to the indicated Services:

 

  • Amazon’s Cloudfront : Cloud based CDN  

  • Sendgrid: Cloud-Based Email Notification Service (United States)

  • Intercom.io: Customer Relationship Platform (United States)

  • MongoDB Atlas: Cloud Database Services (United States)

  • Hubspot Inc: Cloud-Based Marketing, Sales, and CRM Platform (United States)

  • Zoho Book: Cloud-Based Sales Platform (United States)

  • VCAD : Cloud-based visualization platform (United States)

  • Rocketlane: Cloud based customer onboarding platform (United States)

  • DocSend: Cloud based document tracking platform (United States)

  • DocuSign: Cloud based digital transaction platform  (United States)

 

This list reflects the current status of ConstructN’s sub-processors and content delivery networks as of the date of this policy.

Our website uses cookies to provide your browsing experience and relevant information. Before continuing to use our website, you agree & accept of our
Privacy Policy.