Vendor and Sub-Processor List (GDPR)

Mary Connaughton
Mary Connaughton
  • Updated

To more fully comply with the requirements of GDPR and worldwide information security and privacy regulations, RapidRatings has decided to provide full transparency into our vendors and sub-processors under GDPR.

Currently, all RapidRatings vendors house data in the United States of America.


Core Service Providers 

RapidRatings services requires the use of the following underlying core service providers to fulfil our service to our clients and FHRX Members.


  Feature/Function  PII Description  Data location  Vendor requires access to data  Vendor may request access to data 
AWS  IaaS, PaaS  No PII  USA 
MS Dynamics  Counterparty Management & workflow  Supplier contact details: Name, Email, Phone number  USA 
Zendesk  Client Service desk  Client contact details: Name, Email  USA 
Office 365  Email, Intranet, document repository, collaboration  Client or supplier email addresses from direct correspondence  USA 
Salesforce  Sales, leads, opportunities  Client contact details: Name, Email, phone number  USA 
Churn Zero  Client Engagement management  Client end user contact details: Name, Email  USA  Client engagement management  Call recording, client email  USA 
Linked Squares  Client Contract Management  Contract PII  USA 


Technical Providers 

The following services are used for various technical service management functions. The services below are managed in-house but reside on external vendors platforms.  


Vendor  Feature/Function  PII Description  Data location  Vendor requires access to data  Vendor may request access to data 
Alert Logic  Security services, IDS, logging  Log data  USA 
DataDog  Application and system logging  Log data  USA 
Mailgun  Outbound Email infrastructure  Log data  USA 
SentryIO  Application Event Management  Log data  USA 
Stripe  Payment Processor  No PII  USA  Usage analytics  No PII  USA 

Note that log data may contain PII such as user ID or email. 


Updates to the Vendor and Sub-Processor List

All vendors are assessed in detail at the onset of an engagement to ensure that they meet the high standards of information security, privacy, and compliance to industry, legal, and regulatory frameworks. 

RapidRatings periodically assesses whether each vendor is the best fit for RapidRatings, as well as our clients and FHRX Member’s needs. If a change needs to be made, RapidRatings will post the updated Vendor and Sub-Processor list periodically.

Was this article helpful?

0 out of 1 found this helpful

Have more questions? Submit a request