Privacy policy

Introduction

Bordr, LLC respects the privacy of its customers, suppliers and partners. We have therefore formulated and implemented a policy on complete transparency regarding the processing of personal data, its purpose(s) and the possibilities to exercise your legal rights in the best possible way. For employees, we have formulated a separate privacy policy, available upon employment and upon request.

Definitions

  • Party responsible for processing personal data: Bordr, LLC; with registered address at ​8 The Green, Ste 4000 Dover, DE 19901 and company registration number 7531118 (the “Controller”).
  • Data Protection Authority: The Data Protection Authority of USA.
  • Data Protection laws:
  • For European citizens or residents, the EU GDPR 2018; the EU e-privacy directive 2002 (soon to be replaced by the EU e-privacy regulation);
  • For UK citizens or residents, the UK GDPR 2020 and the UK Data Protection Act 2018
  • and/or the national laws of USA.


Collection of data

  • Your personal data will be collected by Bordr, LLC and its data processors.
  • Personal data means any information relating to an identified or identifiable natural person (‘data subject’).
  • An identifiable natural person is one who can be identified, directly or indirectly, in particular by reference to an identifier such as a name, an identification number, location data, an online identifier or to one or more factors specific to the physical, physiological, genetic, mental, economic, cultural or social identity of that natural person.


The types of personal data we may process:

Business process
Type
Data subject
Legal basis

Website

Identification, Financial, Date of Birth, Educational and employment history, Copy of ID, Location, Social Security Number, Contracts

Customers

Consent

Email

Identification, Financial, Date of Birth, Educational and employment history, Copy of ID, Location, Contracts

Customers, Employees, Contractors, Suppliers, Partners

Legitimate interest

Storage and exchange of documents

Not applicable

Not applicable

Legitimate interest

Delivery of goods and services

Identification, Financial, Date of Birth, Educational and employment history, Copy of ID, Location, Social Security Number, Contracts

Customers, Suppliers

Performance of a contract

Financial and business administration

Identification, Financial

Customers, Employees, Contractors, Suppliers, Partners

Legitimate interest

Marketing

Identification

Customers

Consent


Purposes

Bordr, LLC processes personal data for one or more of the following purposes:

  • Customer, employee, contractor, partner or supplier management
  • Business and financial administration
  • Direct marketing
  • Delivery of goods or services
  • Work planning


How we collect, store or otherwise process your data:

The following business processes describe how we may collect, store or otherwise process the types of personal information set out in the table above:

  • Collection of cookies, subscription to newsletter or filling out the contact form on the website(s);
  • Analyse trends and profiles, for our legitimate interest to aim to enhance, modify, personalise and improve our services and communications for the benefit of our customers;
  • Process and respond to support requests, enquiries and complaints received from you through use of business email;
  • Provide services and products requested and/or purchased by you and to communicate with you about such services and/or products. We do this as necessary in order to carry out a contract with you and in accordance with our legitimate interest to operate a business;
  • Carry out administrative activities such as invoicing and collecting payments either locally on devices or using cloud-services;
  • Store and exchange personal information contained in documents through email and cloud-services;
  • Marketing and customer acquisition through email or using cloud-services.


Sharing data with third parties

We may have to share your data with third parties, including third-party service providers. We require third parties to respect the security of your data and to treat it in accordance with the law.

We may transfer your Personal Data outside USA. If we do, you can expect a similar degree of protection in respect of your Personal Data.

We will only share your Personal Data with third parties in accordance with the GDPR and as outlined in the legal justification table above.

We share your personal data with the following enterprise third parties. We also share your data with SME third parties, details of which are available upon request. You will be notified when we have engaged with a new third party recipient of your personal data.

Airtable

Function

Document storage service, CRM, Task management or work planning

Business process

Software tools and applications

Data categories

Identification, Financial, Date of Birth, Educational and employment history, Copy of ID, Software tools and applications

Data subjects

Customers, Suppliers, Partners

Security measures

N/A

AWS

Function

Document storage service

Business process

Digital storage of documents

Data categories

Identification, Financial, Date of Birth, Educational and employment history, Copy of ID, Social Security Number, Contracts, Software tools and applications

Data subjects

Customers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Calendly

Function

Appointment scheduling tool

Business process

Administration

Data categories

Identification, Software tools and applications

Data subjects

Customers, Employees, Contractors, Suppliers, Partners

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Google Analytics

Function

Marketing tool

Business process

Marketing

Data categories

Software tools and applications

Data subjects

Customers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Google Workspace

Function

Email provider, Document storage service, Office software

Business process

Administration

Data categories

Identification, Financial, Contracts, Software tools and applications, Business data

Data subjects

Customers, Employees, Contractors, Suppliers, Partners

Security measures

N/A

Jira (Atlassian)

Function

Task management or work planning

Business process

Delivery of goods or services, Software tools and applications

Data categories

Software tools and applications, Business data

Data subjects

Employees, Contractors

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Box

Function

Document storage service

Business process

Digital storage of documents

Data categories

Identification, Financial, Date of Birth, Educational and employment history, Copy of ID, Social Security Number, Contracts, Software tools and applications

Data subjects

Customers, Suppliers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Browser Flow

Function

Other software suite

Business process

Delivery of goods or services

Data categories

Software tools and applications

Data subjects

Customers

Security measures

N/A

1 Password

Function

Password manager

Business process

Administration

Data categories

Identification, Software tools and applications, Technical data

Data subjects

Employees

Security measures

N/A

Cloudflare

Function

Other software suite

Business process

Software tools and applications

Data categories

Software tools and applications

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

DigitalOcean

Function

Application hosting

Business process

Delivery of goods or services

Data categories

Software tools and applications

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Helpscout

Function

Customer service software

Business process

Software tools and applications

Data categories

Identification, Software tools and applications

Data subjects

Customers

Security measures

N/A

eSignatures

Function

Other software suite

Business process

Delivery of goods or services

Data categories

Identification, Date of Birth, Location, Software tools and applications

Data subjects

Customers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Facbook Ads

Function

Marketing tool

Business process

Marketing

Data categories

Software tools and applications

Data subjects

Customers

Security measures

N/A

Facebook Analytics

Function

Marketing tool

Business process

Marketing

Data categories

Software tools and applications

Data subjects

Customers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Heroku

Function

Application hosting

Business process

Software tools and applications

Data categories

Software tools and applications

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

iLovePDF

Function

Other software suite

Business process

Delivery of goods or services, Software tools and applications

Data categories

Identification, Date of Birth, Copy of ID, Location, Software tools and applications

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Mindee

Function

Other software suite

Business process

Software tools and applications

Data categories

Identification, Date of Birth, Copy of ID, Software tools and applications

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Other software suite

Function

Other software suite

Business process

Delivery of goods or services, Software tools and applications

Data categories

Identification, Financial, Date of Birth, Educational and employment history, Copy of ID, Location, Software tools and applications, Business data

Data subjects

Customers, Employees, Contractors, Suppliers, Partners

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Paperform

Function

Document storage service, Other software suite

Business process

Delivery of goods or services, Software tools and applications

Data categories

Identification, Financial, Date of Birth, Educational and employment history, Copy of ID, Location

Data subjects

Customers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Paypal

Function

Payment software

Business process

Administration

Data categories

Identification

Data subjects

Partners

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Porkbun

Function

Other software suite

Business process

Software tools and applications

Data categories

Software tools and applications

Data subjects

Employees

Security measures

N/A

Postmark

Function

Email provider

Business process

Email

Data categories

Identification, Contracts, Software tools and applications

Data subjects

Customers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Process Street

Function

Task management or work planning

Business process

Delivery of goods or services

Data categories

Identification, Financial, Copy of ID, Contracts, Software tools and applications

Data subjects

Customers, Suppliers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Quickbooks

Function

Accountancy software, Bookkeeping software

Business process

Administration

Data categories

Software tools and applications, Business data

Data subjects

Customers, Employees, Contractors, Suppliers, Partners

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Rewardful

Function

Marketing tool

Business process

Marketing

Data categories

Identification, Software tools and applications, Business data

Data subjects

Customers, Partners

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

SendInBlue

Function

Marketing tool

Business process

Email

Data categories

Identification, Software tools and applications

Data subjects

Customers

Security measures

N/A

Slack

Function

Office software

Business process

Administration

Data categories

Identification, Software tools and applications, Business data

Data subjects

Employees, Contractors

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Stripe

Function

Payment processing software

Business process

Administration

Data categories

Identification, Financial, Location, Software tools and applications

Data subjects

Customers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Webflow

Function

Website hosting

Business process

Website

Data categories

Identification, Financial, Software tools and applications

Data subjects

Customers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Wise

Function

Payment software

Business process

Administration

Data categories

Identification, Financial

Data subjects

Customers, Employees, Contractors, Suppliers, Partners

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Zapier

Function

Other software suite

Business process

Delivery of goods or services, Software tools and applications

Data categories

Identification, Date of Birth, Copy of ID, Software tools and applications

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

TemplateTo

Function

Other software suite

Business process

Delivery of goods or services

Data categories

Identification, Date of Birth, Software tools and applications

Data subjects

Customers, Suppliers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Google Ad Manager

Function

Marketing tool

Business process

Marketing

Data categories

Software tools and applications

Data subjects

Customers

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Google Tag Manager

Function

Other software suite

Business process

Software tools and applications

Data categories

Software tools and applications

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Notion

Function

Other software suite, Task management or work planning, Office software

Business process

Administration, Software tools and applications

Data categories

Software tools and applications, Business data

Data subjects

Employees, Contractors

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Slab

Function

Other software suite, Task management or work planning, Office software

Business process

Administration, Software tools and applications

Data categories

Software tools and applications, Business data

Data subjects

Employees, Contractors

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Baserow

Function

Other software suite

Business process

Software tools and applications

Data categories

Software tools and applications, Technical data

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Prometheus

Function

Other software suite

Business process

Software tools and applications

Data categories

Software tools and applications, Technical data

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Postgres

Function

Other software suite

Business process

Software tools and applications

Data categories

Software tools and applications, Technical data

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Graphana

Function

Other software suite

Business process

Software tools and applications

Data categories

Software tools and applications, Technical data

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Wireguard

Function

Other software suite

Business process

Software tools and applications

Data categories

Software tools and applications, Technical data

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.

Traefik

Function

Other software suite

Business process

Software tools and applications

Data categories

Software tools and applications, Technical data

Data subjects

Employees

Security measures

Physical security such as access controls, clean desk policy and CCTV; Access controls and prevention of unauthorised access on the basis of roles and strong authentication methods; All data is encrypted at rest and access is only permitted via encrypted channels (e.g. SSL); Data is minimized and regularly deleted according to national retention periods.


International data transfers

The third parties we have engaged for the abovementioned business process may transfer your personal information to outside of USA. Bordr, LLC’s third party processors take all necessary measures to ensure the confidentiality, availability and integrity of personal data and to comply with the GDPR with regards to international data transfers. The international nature of its compliance certifications, as well as far-reaching technical security measures (including but not limited to encryption of the personal data, making the data illegible to an unauthorised recipient) are sufficient to ensure that the data subjects continue to benefit from the fundamental rights they are entitled to under the GDPR.

Bordr, LLC relies on processing agreements with these sub-processors that include the model clauses (or “Standard Contractual Clauses”) which have been tested on the adequacy of its protection with regards to the specific sub-processing activities carried out in this particular subprocessing relationship.

Additional security measures are taken to safeguard the international data transfers:

  • Encryption;
  • Anonymisation;
  • Pseudonymisation.


Storage and protection of data

Your data is protected by Bordr, LLC and its processors in pursuance to all legal requirements set by the relevant data processing laws. Bordr, LLC has taken technical and organizational security measures to protect your data and requires its data processors to meet the same requirements. Bordr, LLC has signed processing agreements with its processors to ensure an adequate level of data protection.

The following security measures are taken by Bordr, LLC to protect your personal data in the course of the listed business processes:

Organisational security measures

Staff

Bordr, LLC staff members are required to conduct themselves in a manner consistent with Bordr, LLC’s guidelines regarding confidentiality, business ethics, appropriate usage, and professional standards.All staff members undergo appropriate background checks prior to hiring and sign a confidentiality agreement outlining their responsibility in protecting customer data.

We continuously train staff members on best security practices, including how to identify social hacks, phishing scams, and hackers.

Access controls

Bordr, LLC maintains your data privacy by allowing only authorized individuals access to information when it is critical to complete tasks for you. Bordr, LLC staff members will not process customer data without authorization.

Data hosting

As a rule, data is hosted within USA, but it is possible that we might transfer personal data to countries within the EEA, to the UK or in exceptional circumstances outside of those areas. We ensure that we comply with the GDPR and the DPA when sending data overseas by relying on data processing agreements containing standard contractual clauses with our subprocessors or by taking additional measures to secure this data transfer, such as anonymisation.

Physical security

The data centres on which personal data is hosted are secured and monitored 24/7 and physical access to facilities is strictly limited to select staff.

Technical security measures

All devices which are used to access personal data for which we are responsible are secured with antivirus software, firewalls, encryption and access management. We regularly update operating systems and software to ensure vulnerabilities cannot be exploited.

We carry out regular vulnerability scanning of our website and have engaged credentialed external auditors to verify the adequacy of our security and privacy measures.

Your rights regarding information

Each data subject has the right to information on and access to, and rectification, erasure and restriction of processing of their personal data, as well as the right to object to the processing and the right to data portability.

You can exercise these rights by contacting us at the following email address: info@bordr.com. Each request must be accompanied by a copy of a valid ID, on which you put your signature and state the address where we can contact you. Ensure that you write “Data Request” in the subject line of your email.

Within one month of the submitted request, you will receive an answer from us. We will not charge you for submitting your request unless the request is manifestly unfounded or otherwise unreasonable in its nature. Depending on the complexity and the number of the requests this period may be extended to two months.

Marketing

  • You may receive commercial offers from Bordr, LLC. If you do not wish to receive them (anymore), please send us an email to the following address: info@bordr.com and ensure that you write “Data Opt-Out” in the subject line of your email.
  • Your personal data will not be used by our partners for commercial purposes.
  • If you encounter any personal data from other data subjects while visiting our website, you are to refrain from collection, any unauthorized use or any other act that constitutes an infringement of the privacy of the data subject(s) in question. The collector is not responsible in these circumstances.


Data retention

The collected data are used and retained for the duration determined by law. You may, at any time, request your data to be deleted from any Bordr, LLC account, system or other data processing medium in accordance with the process described above.

Applicable law

These conditions are governed by USA legislation. The court in the district where the collector has its place of business has the sole jurisdiction if any dispute regarding these conditions may arise, save when a legal exception applies.

Contact

For questions about this privacy policy, product information or information about the website itself, please contact: info@bordr.com.

International data transfers

Airtable

Third party headquarter address

N/A

The primary location of processing is the N/A.

Personal data collected by Airtable may be stored and processed in any country where Airtable or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Airtable’s Privacy Policy

N/A

Google Workspace

Third party headquarter address

N/A

The primary location of processing is the N/A.

Personal data collected by Google Workspace may be stored and processed in any country where Google Workspace or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Google Workspace’s Privacy Policy

N/A

Jira (Atlassian)

Third party headquarter address

Level 6, 341 George Street, Sydney, Australia

The primary location of processing is the N/A.

Personal data collected by Jira (Atlassian) may be stored and processed in any country where Jira (Atlassian) or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Jira (Atlassian)’s Privacy Policy

https://www.atlassian.com/legal/privacy-policy

Browser Flow

Third party headquarter address

N/A

The primary location of processing is the N/A.

Personal data collected by Browser Flow may be stored and processed in any country where Browser Flow or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Browser Flow’s Privacy Policy

N/A

1 Password

Third party headquarter address

N/A

The primary location of processing is the N/A.

Personal data collected by 1 Password may be stored and processed in any country where 1 Password or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see 1 Password’s Privacy Policy

N/A

Helpscout

Third party headquarter address

N/A

The primary location of processing is the N/A.

Personal data collected by Helpscout may be stored and processed in any country where Helpscout or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Helpscout’s Privacy Policy

N/A

eSignatures

Third party headquarter address

470 Kilda Road, Melbourne VIC 3004, Australia

The primary location of processing is the N/A.

Personal data collected by eSignatures may be stored and processed in any country where eSignatures or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see eSignatures’s Privacy Policy

https://esignatures.io/legal/privacy-policy-20200307.pdf

Facbook Ads

Third party headquarter address

N/A

The primary location of processing is the N/A.

Personal data collected by Facbook Ads may be stored and processed in any country where Facbook Ads or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Facbook Ads’s Privacy Policy

N/A

Facebook Analytics

Third party headquarter address

Meta Platforms Ireland Ltd. 4 Grand Canal Square Grand Canal Harbour Dublin 2 Ireland

The primary location of processing is the N/A.

Personal data collected by Facebook Analytics may be stored and processed in any country where Facebook Analytics or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Facebook Analytics’s Privacy Policy

https://www.facebook.com/privacy/explanation/

iLovePDF

Third party headquarter address

Sabino de Arana 60 Barcelona

The primary location of processing is the N/A.

Personal data collected by iLovePDF may be stored and processed in any country where iLovePDF or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see iLovePDF’s Privacy Policy

https://www.ilovepdf.com/nl/hulp/privacy

Mindee

Third party headquarter address

14 rue Charles V 75004 Paris, France

The primary location of processing is the N/A.

Personal data collected by Mindee may be stored and processed in any country where Mindee or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Mindee’s Privacy Policy

https://mindee.com/privacy-policy

n8n

Third party headquarter address

Borsigstr. 27 10115 Berlin Germany

The primary location of processing is the N/A.

Personal data collected by n8n may be stored and processed in any country where n8n or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see n8n’s Privacy Policy

https://n8n.io/legal/privacy

Paperform

Third party headquarter address

54 Ingham Ave Five Dock NSW 2046, Australia

The primary location of processing is the N/A.

Personal data collected by Paperform may be stored and processed in any country where Paperform or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Paperform’s Privacy Policy

https://paperform.co/privacy/

Porkbun

Third party headquarter address

N/A

The primary location of processing is the N/A.

Personal data collected by Porkbun may be stored and processed in any country where Porkbun or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Porkbun’s Privacy Policy

N/A

Quickbooks

Third party headquarter address

2800 E Commerce Center Place, Tucson, AZ 85706, United States of America

The primary location of processing is the N/A.

Personal data collected by Quickbooks may be stored and processed in any country where Quickbooks or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Quickbooks’s Privacy Policy

https://www.intuit.com/privacy/statement/

Rewardful

Third party headquarter address

4555 Turner Square NW Edmonton, Canada T6R 3E4

The primary location of processing is the N/A.

Personal data collected by Rewardful may be stored and processed in any country where Rewardful or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Rewardful’s Privacy Policy

https://www.rewardful.com/privacy

SendInBlue

Third party headquarter address

N/A

The primary location of processing is the N/A.

Personal data collected by SendInBlue may be stored and processed in any country where SendInBlue or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see SendInBlue’s Privacy Policy

N/A

Wise

Third party headquarter address

6th Floor Tea Building, 56 Shoreditch High Street, London, United Kingdom, E1 6JJ

The primary location of processing is the N/A.

Personal data collected by Wise may be stored and processed in any country where Wise or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Wise’s Privacy Policy

https://wise.com/gb/about/security

TemplateTo

Third party headquarter address

Unknown

The primary location of processing is the N/A.

Personal data collected by TemplateTo may be stored and processed in any country where TemplateTo or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see TemplateTo’s Privacy Policy

https://templateto.com/privacy-policy

Prometheus

Third party headquarter address

Unknown

The primary location of processing is the N/A.

Personal data collected by Prometheus may be stored and processed in any country where Prometheus or its affiliates, subsidiaries, or service providers operate facilities.

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

For more information, see Prometheus’s Privacy Policy

Unknown

Thiago Vinicius Vieira

Country where data is processed or sent to

Portugal

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

THIAGO VIEIRA CONSULTING, LDA

Country where data is processed or sent to

Portugal

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

Nuno Sousa Moniz & Associates

Country where data is processed or sent to

Portugal

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

eBookkeeping Solutions

Country where data is processed or sent to

USA

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

Plano Tax Prep

Country where data is processed or sent to

USA

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible

Banco ATLANTICO Europa

Country where data is processed or sent to

Portugal

Safeguards (art. 45 GDPR)

Standard Contractual Clauses

Additional safeguards (Schrems II)

  • Encryption
  • Anonymisation where possible
  • Pseudonymisation where possible


Safeguards for international data transfers

Bordr, LLC’s third party processors take all necessary measures to ensure the confidentiality, availability and integrity of personal data and to comply with the GDPR with regards to international data transfers. The international nature of its compliance certifications, as well as far-reaching technical security measures (including but not limited to encryption of the personal data, making the data illegible to an unauthorised recipient) are sufficient to ensure that the data subjects continue to benefit from the fundamental rights they are entitled to under the GDPR.

Bordr, LLC relies on processing agreements with these sub-processors that include the model clauses (or “Standard Contractual Clauses”) which have been tested on the adequacy of its protection with regards to the specific sub-processing activities carried out in this particular subprocessing relationship.

Additional security measures are taken to safeguard the international data transfers:

  • Encryption;
  • Anonymisation;
  • Pseudonymisation where possible.
  • Where Pseudonymisation is used by this third-party processor, they ensure that the personal data can no longer be attributed to a specific data subject without the use of additional information.
  • This additional information is kept separately; and
  • Technical and organisational measures are taken to ensure that the personal data cannot be attributed to identifiable persons (encryption; database and data separation; access controls; and logging).