Sub-processors engaged by Connective
As indicated in our Data Processing Agreement (“DPA”), Connective engages certain Sub-processors to assist in the performance of the (license) agreement between Connective and its Clients . The terms and definitions used in this document (“Sub-processor Listing”) shall have the same meaning as defined in Connective’s License Terms and Conditions (“License Terms and Conditions”).
 By default such license agreement between Connective and the Client is named “License Terms and Conditions”.
What is a Sub-processor?
A Sub-processor is a third-party data processor engaged by Connective who has or potentially will have access to or process Personal Data in respect of the performance of the License Terms and Conditions.
Connective engages different types of Sub-processors to perform various functions as explained below. Such services provided by our Sub-processors are essential for making available all functionalities in our Products.
Connective executes with each Sub-processor a data processing agreement and requires its Sub-processors to satisfy equivalent obligations as those required from Connective (as a Data Processor towards its Clients) as set forth in Connective’s DPA, including but not limited to:
Process for Engaging New Sub-processors
Clients who executed Connective’s standard DPA will be notified by Connective via the procedures included in this policy in case the Sub-processor Listing is being updated.
Connective undertakes to keep this Sub-processors Listing updated regularly to enable its Clients to stay informed of the scope of sub-processing activities associated with the Connective Products.
In the event a new material Sub-processor is onboarded by Connective in respect of the Products the Client is using, the Client will be notified within reasonable timing before such new Sub-processor will have access to the Client’s Personal Data. A notification will be send to the Client’s contact person indicated in the DPA, and the present Sub-processing Listing will be updated (and made available for online access).
Each Client shall have the right to object to the engagement of a new Sub-processor by Connective on reasonable grounds and by giving Connective’s DPO Office written notice of such objection. In this case Connective and the Client shall discuss in good faith to find a solution acceptable for both parties.
Infrastructure Sub-processors – Data Storage and Hosting
Currently, the Connective production systems used for hosting data in respect of the Connective Products are located in co-location facilities in Europe, and in the infrastructure of the Sub-processor listed below.
|Entity Name||Entity Type||Entity Country|
|Microsoft Azure||Cloud Service Provider||The Netherlands|
|Microsoft Azure||Cloud Service Provider||Ireland|
Product Specific Sub-processors
Connective works with certain third parties to provide specific functionalities within the Connective Products. These third parties are the Sub-processors indicated below . In order to provide the relevant functionality these Sub-processors might access Personal Data. The processing activities performed by such Sub-processors is limited to the Products in scope as set out below.
 This Sub-processor Listing includes all material Sub-processors which Connective engages for the functioning of its Products. Non-material Sub-processors (e.g. freelance support staff or IT developers) are not listed
|Entity Name||Purpose||Product(s)||Entity Country||Certifications|
|CM Telecom||SMS Gateway|
Sending SMS messages
|eSignatures||The Netherlands||ISO 27001, ISO 9001|
|iDIN||Identification via the Dutch iDIN Scheme||eSignatures|
|The Netherlands||ISO 27001, ISO 9001|
|itsme®||Identification, authentication and e-signing||eSignatures|
|Belgium||ISO 27001, QTSP|
Mass mailing service provider
|The Netherlands||ISO 27001, ISO 9001|
Timestamping & Certificates
Depending on the services you use, third parties are engaged in the offering of specific functionalities such as timestamping and issuing certificates. In this respect, we might engage the following certificate authorities and timestamping providers:
|Certigna||RGS/eIDAS certificate||RGS/eIDAS European Union Trusted Lists (EUTL)|
|Certigna||Timestamping||RGS/eIDAS European Union Trusted Lists (EUTL)|
|GlobalSign||Certificate||Adobe Approved Trusted List (AATL)|