Data Subprocessors

This list identifies third-party subprocessors authorized to process Customer Personal Data (i.e., personal data relating to identified or identifiable individuals) on behalf of aPriori in connection with its SaaS offerings and related services.

aPriori carefully vets its subprocessors and enters into written agreements with them that include data protection obligations consistent with applicable laws, including confidentiality, security, and data subject rights, in line with Article 28 of the GDPR. Subprocessors may perform functions such as hosting, storage, transmission, support, and other activities necessary to provide our services.

This list does not include subprocessors that handle only non-personal data (e.g., product or technical data) or tools used solely for aPriori’s internal business operations (e.g., sales, marketing, or recruiting) where aPriori acts as a controller.  We will provide notice of new subprocessors and an opportunity to object where required by applicable law or our Data Processing Addendum.

Standard Categories of Customer Personal Data (PII Only)

1. Customer Account & Contact Data – names, business contact details, job titles, account and billing information
2. User Authentication & Access Data – login details, authentication tokens, access logs
3. Usage, Technical & Support Data – logs, telemetry, IP addresses, device identifiers, support communications

AI / Machine Learning Disclosure

aPriori may use AI/ML service providers to support certain features. These providers act only on our behalf and process Customer Personal Data solely as needed to deliver the services. They are contractually restricted from using such data for their own purposes, including model training (unless expressly authorized), and from retaining it longer than necessary. AI/ML subprocessors are included here only where they process Customer Personal Data.

 

1. Infrastructure & Hosting

Subprocessor	Legal Entity	Purpose	Data Categories	Location	Transfer Mechanism
Amazon Web Services (AWS)	Amazon Web Services, Inc.	Cloud infrastructure hosting	Customer Account & Contact Data; User Authentication & Access Data; Usage, Technical & Support Data	United States; European Union	SCCs (as applicable), UK Addendum (as applicable), and/or EU-U.S. Data Privacy Framework
Google Cloud Platform (GCP) and Looker	Google LLC	Cloud hosting and analytics	Customer Account & Contact Data; User Authentication & Access Data; Usage, Technical & Support Data	United States; European Union	SCCs (as applicable), UK Addendum (as applicable), and/or EU-U.S. Data Privacy Framework

 

2. Core Application Services

Subprocessor	Legal Entity	Purpose	Data Categories	Location	Transfer Mechanism
Auth0	Okta, Inc.	Identity and authentication	Customer Account & Contact Data; Usage, Technical & Support Data	United States; European Union	SCCs (as applicable), UK Addendum (as applicable), and/or EU-U.S. Data Privacy Framework
Observe	Observe, Inc.	Log management	Usage, Technical & Support Data	United States	SCCs (as applicable)
SendGrid	Twilio Inc.	Email delivery	Customer Account & Contact Data; Usage, Technical & Support Data	United States	SCCs (as applicable), and/or EU-U.S. Data Privacy Framework
Zendesk	Zendesk, Inc.	Support ticketing	Customer Account & Contact Data; User Authentication & Access Data; Usage, Technical & Support Data	United States; European Union	SCCs (as applicable), and/or EU-U.S. Data Privacy Framework

 

3. Customer Engagement & Support

Subprocessor	Legal Entity	Purpose	Data Categories	Location	Transfer Mechanism
CloudShare	CloudShare Ltd. and CloudShare Inc.	Training lab environment	User Authentication & Access Data	United States; European Union	SCCs (as applicable)
Gainsight	Gainsight, Inc.	Customer success	Customer Account & Contact Data; Usage, Technical & Support Data	United States	SCCs (as applicable)
Gong	Gong.io Inc.	Call analytics	Customer Account & Contact Data; Usage, Technical & Support Data	United States	SCCs (as applicable)
LearnUpon	LearnUpon Ltd.	Learning management system	Customer Account & Contact Data; User Authentication & Access Data	European Union	Not applicable (EEA processing)
Nooks	Nooks Communications, Inc.	Sales engagement platform	Customer Account & Contact Data; Usage, Technical & Support Data	United States	SCCs (as applicable)
Salesforce	Salesforce, Inc.	CRM	Customer Account & Contact Data; Usage, Technical & Support Data	United States; European Union	SCCs (as applicable), UK Addendum (as applicable), and/or EU-U.S. Data Privacy Framework
Salesloft	Salesloft, Inc.	Customer communications	Customer Account & Contact Data	United States	SCCs (as applicable)

 

4. Marketing & Analytics

Subprocessor	Legal Entity	Purpose	Data Categories	Location	Transfer Mechanism
Demandbase	Demandbase, Inc.	Sales intelligence	Customer Account & Contact Data	United States	SCCs (as applicable)
Google Analytics	Google LLC	Website analytics and user behavior tracking	Usage, Technical & Support Data	US / EU	SCCs (as applicable)
Kinsta	Kinsta Inc.	Website hosting	Usage, Technical & Support Data	United States; European Union	SCCs (as applicable)
Marketo	Adobe Inc.	Marketing automation	Customer Account & Contact Data	United States	SCCs (as applicable), and/or EU-U.S. Data Privacy Framework
Synthesia	Synthesia Ltd.	AI-generated video content	Customer Account & Contact Data (limited)	United Kingdom; European Union	SCCs (as applicable), UK Addendum (as applicable)
Vidyard	Vidyard Inc.	Video analytics	Customer Account & Contact Data	United States; Canada	SCCs (as applicable)

 

5. Internal Business Applications (where customer data is incidentally used)

Subprocessor	Legal Entity	Purpose	Data Categories	Location	Transfer Mechanism
Asana	Asana, Inc.	Project management	Customer Account & Contact Data; Usage, Technical & Support Data	United States	SCCs (as applicable), and/or EU-U.S. Data Privacy Framework
Atlassian (Jira/OpsGenie)	Atlassian Pty Ltd	Incident tracking and alerting	Customer Account & Contact Data; Usage, Technical & Support Data	United States; Australia	SCCs (as applicable)
Certinia	Certinia Inc.	Professional services automation	Customer Account & Contact Data	United States	SCCs (as applicable)
NetSuite	Oracle America, Inc.	Accounting and billing	Customer Account & Contact Data	United States	SCCs (as applicable)
Tableau	Salesforce, Inc.	Analytics/Reporting	Usage, Technical & Support Data, and possibly Account Data	United States; European Union	SCCs (as applicable)

 

6. Affiliates

Subprocessor	Legal Entity	Purpose	Data Categories	Location	Transfer Mechanism
aPriori Technologies Germany GmbH	Affiliate of aPriori Technologies, Inc.	Support & operations	Customer Account & Contact Data; User Authentication & Access Data; Usage, Technical & Support Data	Germany	Not applicable (EEA processing)
aPriori Technologies India Private Limited	Affiliate of aPriori Technologies, Inc.	Engineering & support	Customer Account & Contact Data; User Authentication & Access Data; Usage, Technical & Support Data	India	SCCs (as applicable)
aPriori Technologies UK Limited	Affiliate of aPriori Technologies, Inc.	Support & operations	Customer Account & Contact Data; User Authentication & Access Data; Usage, Technical & Support Data	United Kingdom	UK Addendum (as applicable)

 

Transfers of Customer Personal Data outside of the EEA, UK, or Switzerland are conducted in accordance with applicable data protection laws using appropriate safeguards, including Standard Contractual Clauses, the UK International Data Transfer Addendum, and/or participation in the EU-U.S. Data Privacy Framework, as applicable.