vSignify Sub-Processors

Effective Date: 17 October 2024

Introduction
CloudHew Solutions LLC (doing business as vSignify) (“vSignify,” “we,” “our,” or “us”) is committed to maintaining transparency with our users regarding the third-party service providers that facilitate the delivery of our products and services. This document outlines our sub-processors in accordance with our obligations under applicable data protection laws, including the General Data Protection Regulation (“GDPR”) in the European Union. These third-party service providers, referred to as sub-processors, engage in specific processing activities involving personal data as part of our operations.

The terms “process,” “processing,” “processed,” and “personal data” used herein align with the definitions established by the GDPR and other relevant legal frameworks. We require all sub-processors to implement robust security measures designed to safeguard personal data and comply with their respective legal obligations. For your convenience, additional information regarding our sub-processors, including links to their data processing terms, is provided below.

1. Purpose and Scope of Processing
   Our sub-processors assist us in various capacities, including but not limited to:

• Infrastructure Services: Providers that supply back-end infrastructure and hosting services necessary for the operation of our products, ensuring data storage, processing capabilities, and overall system reliability.
• Analytics and Performance Monitoring: Service providers that facilitate the analysis of product performance and usage metrics, enabling us to enhance functionalities and user experiences.
• Technical Support and Maintenance: Third-party vendors responsible for technical support, system maintenance, and troubleshooting, ensuring uninterrupted service delivery.

2. Data Protection and Security Measures
   In compliance with GDPR and other applicable data protection regulations, we ensure that all sub-processors are bound by contractual agreements that mandate the implementation of appropriate technical and organizational measures to protect personal data. These measures include:

• Regular security audits and assessments to ensure compliance with industry standards.
• Data encryption, both in transit and at rest, to protect personal data from unauthorized access.
• Strict access controls and authentication protocols to limit access to personal data only to authorized personnel.

3. Sub-Processor List
   Below is a non-exhaustive list of our current sub-processors, including their respective roles in our processing activities:

4. Data Transfers
   Where applicable, any transfer of personal data to our sub-processors will be conducted in accordance with applicable data transfer regulations, including the establishment of Standard Contractual Clauses or other legal mechanisms as required under the GDPR.
5. Changes to Sub-Processor Engagement
   We reserve the right to engage new sub-processors or modify existing sub-processor arrangements. In such instances, we will provide notification of any material changes and ensure that all new sub-processors are subject to equivalent data protection obligations.
6. User Rights
   As a user of our services, you retain certain rights under applicable data protection laws, including the right to access, rectify, or erase your personal data. Should you have any inquiries or concerns regarding the processing of your personal data or our use of sub-processors, please contact our legal department using the information provided below.

Contact Information
For further inquiries or concerns regarding our sub-processors or data protection practices, please contact:

CloudHew Solutions LLC (d/b/a vSignify)
Attention: Legal Department
Mailing Address: 131 Continental Drive, Suite 301, Newark, DE, 19713
Email: legal@vSignify.com
Website: vSignify.com

This document is intended to reflect our commitment to compliance with applicable data protection laws and our dedication to safeguarding your personal data.