Orlo uses certain sub-processors and content delivery networks to assist it in providing the Services.
Orlo Sub Processors
Overview
What is a Sub-processor
A sub-processor is a third party data processor engaged by Orlo, who has or potentially will have access to or process Service Data (which may contain Personal Data). Orlo engages different types of sub-processors to perform various functions as explained in the tables below.
Due Diligence
Orlo uses a commercially reasonable selection process by which it evaluates the security, privacy and confidentiality practices of proposed sub-processors that will or may have access to or otherwise process Service Data.
Process to Engage New Sub-processors:
For all Subscribers who have executed Orlo’s standard DPA, Orlo will provide notice via this policy of updates to the list of sub-processors that are utilized or which Orlo proposes to utilize to deliver its Services. Orlo will keep this list updated regularly to enable its Subscribers to stay informed of the scope of sub-processing associated with the Orlo’s Services.
List of sub processors
Below you can find a list of all sub processors that are related to your data processing:
| Company Name | Website | Description | Contract Start Date | Categorised Risk Level | Data Categorisation | ISO/IEC 27001 accredited | Security Notes | Data Location | Users configured properly | 2FA enabled | Auditor |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Google Cloud | https://cloud.google.com/ | Provides a cloud infrastructure to run our SAAS offering | 01-01-2017 | High Risk | Level 1: Highly sensitive corporate or customer data | Yes | Security Page | UK | Yes | Yes | CTO |
| AWS | https://aws.amazon.com/ | Provides a cloud infrastructure to run our SAAS offering | 01-01-2017 | High Risk | Level 1: Highly sensitive corporate or customer data | Yes | Security Page | UK | Yes | Yes | CTO |
| MSFT Azure | https://azure.microsoft.com/ | Provides a cloud infrastructure to run our SAAS offering | 18-11-2020 | High Risk | Level 1: Highly sensitive corporate or customer data | Yes | Security Page | UK | Yes | Yes | CTO |
| Filestack | https://www.filestack.com/ | Tool used to make uploads from your browser to our servers easy | 01-01-2015 | Moderate Risk | Level 1: Highly sensitive corporate or customer data | Aiming for 2020 completion | N/A | USA | Yes | Yes | CTO |
| Sendgrid | https://sendgrid.com/ | Used to send notifications via email, no data included in the emails. | 01-01-2015 | Low Risk | Level 2: Sensitive internal data | Yes | Security Page | USA | Yes | No | CTO |
| Twilio | https://www.twilio.com/ | Provides us with API’s in to call, SMS and WhatsApp services | 01-07-2019 | High Risk | Level 1: Highly sensitive corporate or customer data | Yes | Security Page | UK | Yes | Yes | CTO |
| Datadog, Inc. | https://www.datadoghq.com/ | Datadog is an observability service for cloud-scale applications, providing monitoring of servers, databases, tools, and services, through a SaaS-based data analytics platform. | 01-09-2022 | High Risk | Level 1: Highly sensitive corporate or customer data | Yes | Security Page | EU | Yes | Yes | CTO |
Secure as standard
Over 300 customers, including 2/3rds of UK Policing, over 100 Local Authorities and many Central Government bodies, trust Orlo with to keep their data safe, and it’s one of our top priorities. Find out all about the processes we have in place to keep everything under lock and key.
Back to Security Hub
Think we might be the one you want?
Discover the world of Orlo from your desk with a 30-minute platform demo tailored to you!
