Sub-processors engaged by Connective

Scope

Information made available on this webpage relates to the following services provided by Connective:

Sub-processor listing

As indicated in our Data Processing Agreement (“Data Processing Agreement”), Connective engages certain sub-processors (“Sub-processors”) to assist in the performance of the agreement between Connective and its clients (“Client”). Such Sub-processors are involved to offer specific functionalities or services included within our solutions*. By means of this declaration (“Sub-processor Listing”) we are informing you in all transparency on the Sub-processors involved when using our services and on the procedure which applies when a new Sub-processor would be engaged by Connective.

 

*  Please note the information provided via this page applies only in case you have opted for the default set-up of Connective’s services as a hosted SaaS solution. If you opted for a specific set-up, we refer to the relevant data processing agreement executed. 

But first, what exactly is a Sub-processor?

A Sub-processor is a data processor engaged by Connective who has or potentially will have access to or process personal data when you are using our services.

Connective engages different types of Sub-processors to perform various functions as explained below. Such services provided by the Sub-processors we engage are essential for making available all functionalities of the services we offer. In the overview below, Sub-processors are listed per service we offer.

When Connective would engage new Sub-processors

Clients who signed Connective’s Data Processing Agreement will be notified by Connective in case the Sub-processor Listing is being updated, aligned with the procedures included in the Data Processing Agreement and as explained on this webpage.*

Connective undertakes to update this Sub-processors Listing regularly to enable its Clients to stay informed of the scope of sub-processing activities associated with our services.

In the event a new material Sub-processor is onboarded by Connective in respect of the service the Client is using, the Client will be notified within reasonable timing before such new Sub-processor will have access to the Client’s personal data. A notification will be send to the Client’s contact person indicated in the Data Processing Agreement, and the present Sub-processor Listing will be updated (and made available for online access via this webpage).

Each Client shall have the right to object to the engagement of a new Sub-processor by Connective by giving Connective written notice of such objection via dpo@connective.eu within thirty (30) days after Connective has notified the Client. In such case Connective and the Client shall discuss in good faith to find a solution acceptable for both parties. If Connective has not received any objection within such time period, the (new) Sub-processor engaged shall be deemed accepted by the Client.

* If you subscribed to Nitro Sign Premium via one of the other Nitro Group entities, please note the provisions of your agreement will prevail to what is set out here.

Sub-processors engaged in our services

Connective eSignatures

Connective eSignatures is by default hosted via Microsoft Azure in co-location facilities in Europe. Depending on your specific set-up, other hosting providers or locations can be in scope as well.*

Entity NameEntity TypeData Center LocationCertifications
Microsoft AzureCloud Service ProviderAmsterdam and Dublin ISO 27001, ISO/IEC 27701, ISO 27018, SOC 1, SOC 2, SOC3.

* If you subscribed to Nitro Sign Premium via one of the other Nitro Group entities, you can opt for Microsoft Azure Data Centers located in the United States (Virginia) or Australia (New South Wales – Sydney).

Depending on the functionalities activated on your Connective eSignatures environment, the following Sub-processors are engaged to ensure all functionalities within Connective eSignatures are available.

Entity NamePurposeEntity LocationCertifications
CM.com*SMS OTP signing method: SMS Gateway sending SMS messagesThe NetherlandsISO 9001, 14001, 20000-1, 27001 certified
Tripolis*Email OTP signing: Email Gateway, mailing service providerThe NetherlandsISO 27001
iDINIdentification via the Dutch iDIN schemeThe Netherlands
CriiptoIntermediary party related to the Nordics Identity SchemesDenmark
MTarget**SMS OTP Signing Method: SMS Gateway sending SMS messagesFrance

* If you subscribed to Nitro Sign Premium via one of the other Nitro Group entities, email OTP signing might be performed by Notarius and SMS OTP signing by Amazon Web Services.

** MTarget is currently not applicable in case of a default set-up and will only be in scope in case of specific demands of the client.

For the provisioning of support services related to Connective eSignatures, the following Sub-processor is engaged.

Entity NamePurposeEntity Location
Salesforce (Service Cloud)Management tool for support services related to Connective eSignatures in general (web-based ticketing system)United States

The following third party data controllers may process (personal) data to ensure all functionalities are available when using Connective eSignatures. These parties are not considered a Sub-processor to Connective but qualify as a separate data controller as per the activities they perform. Please note several of these third party data controllers are only applicable in case you are using specific functionalities within Connective eSignatures.

Entity NamePurposeCertifications
Belgian Mobile ID (itsme® Services) Provisioning of itsme® Services (for identification, authentication and e-signing)Qualified Trust Service Provider, ISO 27001
Finnish Trust NetworkProvisioning of services related to the Finnish Trust Network
Nem ID / MitIDProvisioning of services related to Nem ID/MitID
Norwegian Bank IDProvisioning of services related to Norwegian Bank ID
Swedish Bank IDProvisioning of services related to Swedish Bank ID
Swisscom Provisioning of Swisscom Signing Service Qualified Trust Service Provider, ISO 27001

Connective eSignatures engages third parties for offering timestamping services and issuing certificates. These parties are by default not considered a Sub-processor to Connective. In this respect, we might engage the following certificate authorities and timestamping providers:

Entity NamePurposeCertifications
CertignaIssuing of RGS/eIDAS certificates and timestamping servicesRGS/eIDAS European Union Trusted Lists (EUTL)
CamerfirmaIssuing of eIDAS certificates and timestamping services
GlobalSignIssuing of certificateseIDAS European Union Trusted Lists (EUTL)Adobe Approved Trusted List (AATL)
BE-YSIssuing of certificates (only for specific client set-ups) eIDAS European Union Trusted Lists (EUTL), ISO 27001
NotariusRemote hash signing and timestampingNotarius will only be applied for customers signed up to Nitro Sign Premium

Connective Digital Signing Service

Connective Digital Signing Service is by default hosted via Microsoft Azure in co-location facilities in Europe. Depending on your specific set-up, other hosting providers or locations can be in scope as well.

Entity NameEntity TypeData Center Location
Microsoft AzureCloud Service ProviderAmsterdam and Dublin

* If you subscribed to Nitro Sign Premium via one of the other Nitro Group entities, you can opt for Microsoft Azure Data Centers located in the United States (Virginia) or Australia (New South Wales – Sydney).

For the provisioning of support services related to Connective Digital Signing Service, the following Sub-processors are engaged.

Entity NamePurposeEntity Location
Salesforce Service CloudManagement tool for support servicesUnited States

Connective Digital Signing Service engages third parties for offering timestamping services and issuing certificates. These parties are by default not considered a Sub-processor to Connective. In this respect, we might engage the following certificate authorities and timestamping providers:

Entity NamePurposeCertifications
CertignaIssuing of RGS/eIDAS certificates and timestamping servicesRGS/eIDAS European Union Trusted Lists (EUTL)
CamerfirmaIssuing of eIDAS certificates and timestamping services
GlobalSignIssuing of certificateseIDAS European Union Trusted Lists (EUTL)Adobe Approved Trusted List (AATL)
BE-YSIssuing of certificates (only for specific client set-ups) eIDAS European Union Trusted Lists (EUTL), ISO 27001
NotariusRemote hash signing and timestampingNotarius will only be applied for customers signed up to Nitro Sign Premium

Connective Validation Service

Connective Validation Services are by default hosted via Microsoft Azure in co-location facilities in Europe. Depending on your specific set-up, other hosting providers or locations can be in scope as well.

Entity NameEntity TypeData Center Location
Microsoft AzureCloud Service ProviderAmsterdam and Dublin

* If you subscribed to Nitro Sign Premium via one of the other Nitro Group entities, you can opt for Microsoft Azure Data Centers located in the United States (Virginia) or Australia (New South Wales – Sydney).

For the provisioning of support services related to Connective Validation Services, the following Sub-processors are engaged.

Entity NamePurposeEntity Location
Salesforce Service CloudManagement tool for support servicesUnited States

Connective Identity Services

Connective Identity Services is by default hosted via Microsoft Azure in co-location facilities in Europe. Depending on your specific set-up, other hosting providers or locations can be in scope as well.

Entity NameEntity TypeData Center Location
Microsoft AzureCloud Service ProviderAmsterdam and Dublin

For the provisioning of support services related to Connective Identity Services, the following Sub-processors are engaged.

Entity NamePurposeEntity Location
Salesforce Service CloudManagement tool for support servicesUnited States

Connective Identity Hub

Connective Identity Hub is by default hosted via Microsoft Azure in co-location facilities in Europe. Depending on your specific set-up, other hosting providers or locations can be in scope as well.

Entity NameEntity TypeData Center Location
Microsoft AzureCloud Service ProviderAmsterdam and Dublin

For the provisioning of support services related to Connective Identity Hub, the following Sub-processors are engaged.

Entity NamePurposeEntity Location
Salesforce Service CloudManagement tool for support servicesUnited States

The following third party data controllers may process (personal) data to ensure all functionalities are available when using Connective Identity Hub. These parties are not considered a Sub-processor but qualify as a separate data controller as per the activities they perform.

Entity NamePurposeCertifications
Belgian Mobile ID (itsme® Services) Provisioning of itsme® Services (for identification and authentication)Qualified Trust Service Provider, ISO 27001
Electronic IDProvisioning of video identification servicesISO 27001, QTSP

Connective Smart Documents

Connective Smart Documents is by default hosted via Microsoft Azure in co-location facilities in Europe. Depending on your specific set-up, other hosting providers or locations can be in scope as well.

Entity NameEntity TypeData Center Location
Microsoft AzureCloud Service ProviderAmsterdam and Dublin

Depending on the functionalities activated on your Connective Smart Documents environment, the following Sub-processors are engaged to ensure all functionalities within Connective Smart Documents are available.

Entity NamePurposeEntity LocationCertifications
TripolisEmail Gateway, mailing service providerThe NetherlandsISO 27001

For the provisioning of support services related to Connective Smart Documents, the following Sub-processors can be engaged. Please note several of these Sub-processors are only applicable in case you are using specific services or connectors.

Entity NamePurposeEntity Location
Salesforce Service CloudManagement tool for support servicesUnited States

Nitro/ Connective Group Companies

The following entities are members of the Nitro/ Connective Group Companies

Entity NameEntity Location
Connective France SASFrance
Connective NVBelgium
Nitro Software EMEA LimitedIreland
Nitro Software LimitedAustralia
Nitro Software Canada LimitedCanada
Nitro Software, Inc.USA

This page was last updated on 28/02/2022

Nous sommes là, prêts à répondre à toutes vos questions.

Pour toute question concernant
la protection des données

Pour toute question concernant le
TSP