Last Updated: June 13, 2022

To support the delivery of our Services, Reciprocity, Inc. (“Reciprocity”) (or one of its Affiliates listed below) uses services providers (each, a “Subprocessor”) that may store or process Customer Data which may contain personal data.

Reciprocity requires its subprocessors to satisfy equivalent obligations as those required from Reciprocity (as a Data Processor) as outlined in Reciprocity’s Data Processing Agreement (DPA), including but not limited to the requirements to:

  • process personal data following data controller’s (i.e., Customer’s) documented instructions (as communicated in writing to the relevant subprocessor by Reciprocity);
  • in connection with the subprocessing activities, use only personnel who are reliable and subject to a contractually binding obligation to observe data privacy and security, to the extent applicable, under applicable data protection laws;
  • promptly inform Reciprocity about any security breach; and
  • cooperate with Reciprocity to address requests from data controllers, data subjects, or data protection authorities, as applicable.

The following table describes the legal entities acting as a subprocessor for Reciprocity, the service that subprocessor relates to, the function that subprocessor performs on behalf of Reciprocity, the categories of personal data processed by that subprocessor on behalf of Reciprocity, the location of the processing, the adequacy mechanism utilized between that subprocessor and Reciprocity, and a link to the public DPA that subprocessor offers.

Third Party Risk Management is conducted annually on all subprocessors.

Name Service Service Provided by Subprocessor Category of PII Processed Location of Processing Adequacy Safeguards Public DPA Link
Aha!
  • ROAR
  • Corporate
Product Feedback Contact information United States Standard Contractual Clauses Aha! DPA (Public)
Auth0
  • ROAR
Identity Authentication Provider Contact information; technical identifiers. United States Standard Contractual Clauses Auth0 DPA (Public)
AWS
  • ZenGRC
  • ROAR
Cloud Service Provider Contact information; technical identifiers. United States Standard Contractual Clauses AWS DPA (Public)
Cloudflare
  • Corporate
  • ROAR
Content Distribution and DNS Services Technical identifiers United States Standard Contractual Clauses Cloudflare DPA (Public)
Datadog
  • ZenGRC
  • ROAR
Infrastructure and Cloud Application Monitoring Contact information; technical identifiers. United States Standard Contractual Clauses Datadog DPA (Public)
Drift
  • Corporate
Marketing Contact information United States Standard Contractual Clauses Drift DPA (Public)
Gong.io
  • ROAR
  • Corporate
  • ZenGRC
Business Intelligence Contact information; screen and voice recordings. United States Standard Contractual Clauses Gong.io DPA (Public)
Google Workspace
  • Corporate
Business Productivity Contact information; technical identifiers. United States Standard Contractual Clauses Google Workspace DPA (Public)
Marketo
  • Corporate
Marketing Contact information United States Standard Contractual Clauses Marketo DPA (Public)
Momentive, Inc. (GetFeedback)
  • ZenGRC
Surveys Contact information United States Standard Contractual Clauses Momentive, Inc. DPA (Public)
Pendo.io
  • ROAR
Platform Usage Analytics Contact information United States Standard Contractual Clauses Pendo.io DPA (Public)
Salesforce.com, Inc.
  • ZenGRC
  • ROAR
  • Corporate
Customer Relations Management and Customer Service Contact information; technical identifiers. United States Standard Contractual Clauses Salesforce.com, Inc. DPA (Public)
Segment.io, Inc.
  • ZenGRC
Customer Data Infrastructure Platform Contact information; technical identifiers. United States Standard Contractual Clauses Segment.io, Inc. DPA (Public)
Sisense, Inc.
  • ZenGRC
Business Intelligence Contact information; technical identifiers. United States Standard Contractual Clauses Sisense, Inc. DPA (Public)
Slack Technologies
  • ZenGRC
  • ROAR
  • Corporate
Collaboration and Communications Contact information; technical identifiers. United States Standard Contractual Clauses Slack Technologies DPA (Public)
Snowflake
  • ROAR
  • Corporate
  • ZenGRC
Data Lake/Data Warehouse Contact information; technical identifiers. United States Standard Contractual Clauses Snowflake DPA (Public)
Zoom
  • Corporate
Collaboration and Communications Contact information; voice and/or screen recording United States Standard Contractual Clauses Zoom DPA (Public)

Reciprocity Subsidiaries

Depending on the geographic location of a Customer or their authorized users, and the nature of the Services provided, Reciprocity may also engage our subsidiary to deliver some or all of the Services to a Customer.

Entity Name Country
Reciprocity, d.o.o. Slovenia