Xref uses its Affiliates and a range of third party Sub-processors to assist it in providing the Services (as described in the Agreement). These Sub-processors set out below provide cloud hosting and storage services; reporting services, sales & marketing services and user services; assist in providing customer support; as well as incident tracking, response, diagnosis and resolution services.
Xref hosts its platform (application, APIs, background services and data) in AWS in four different regions (Sydney, Frankfurt, Toronto and North Virginia). All of the personal data is stored in the databases in the region chosen by the customer.
We run tableau instance in our Sydney region which is used to generate various reports, scheduled and on-demand.
Xref uses this service to observe user behaviour, interaction with various elements on the application and to identify issues in its user experience.
Neither Hotjar nor Xref can identify an individual from the data held.
All data Hotjar collects is stored electronically in Ireland, Europe on the Amazon Web Services infrastructure, eu-west-1 datacenter. Application servers and database servers run inside an Amazon VPC, Virtual Private Cloud. The database containing visitor and usage data is only accessible from the application servers and no outside sources are allowed to connect to the database. Data retention times are no longer than 365 days.
This is a logging service that we use for application logging. Logs from all applications from all regions are collated here. These logs do not include any personal data. These are purely for our development team for monitoring and debugging. The data is retained for 30 days. The entirety of Papertrail’s systems are located inside the United States. Log data will only be stored outside the United States if a customer attaches an S3 bucket from a non-US region to their Papertrail account. This bucket would be used to store copies of log archives that can be retained for a potentially indefinite amount of time by the customer.
Neither Papertrail nor Xref can identify an individual from the data held.
Xref uses this transactional email provider for consistent delivery of emails to the users. The data is retained for 30 days. SendGrid’s US-based data centers are located in Herndon, VA; Las Vegas, NV; and Chicago, IL.
Xref uses this transactional email provider for consistent delivery of emails to the users. The data is retained for 30 days. Mailgun is hosted within both the EU and the US.
Xref uses this transactional email provider for consistent delivery of emails to the users. The data is retained for 30 days. As per Mandrill's (MailChimp) data processing information "Mailchimp [Mandrill] may transfer and process Customer Data to and in the United States and anywhere else in the world where Mailchimp, its Affiliates or its Sub-processors maintain data processing operations."
Marketo is used as Xref’s marketing automation platform for prospect data collection, email marketing and management of marketing campaigns. Data stored includes, but is not limited to: IP address, online behaviour (i.e. page visits) and, once Xref has consent, name, email, job title. Data is stored in Sydney, Australia and can be purged at request.
Google Analytics is used by Xref to track traffic and behaviours across all of Xref’s websites and web applications. Data in Google Analytics is anonymised. Platform and web visitors have the option of opting out of tracking by not accepting cookies on the Xref website.
Facebook’s tracking pixel is used across the Xref website to track website visitors for retargeting purposes. Data collected includes web pages visited, button-click data and form field names (more details at the above link). Web visitors have the option of opting out of tracking by not accepting cookies on the Xref website.
The LinkedIn Insight Tag is used across the Xref website to track website visitors for retargeting purposes. Data collected includes: metadata such as IP address, timestamp, and page events (like page views). For more information see the above link. Web visitors have the option of opting out of tracking by not accepting cookies on the Xref website.
Xref use Salesforce as their CRM platform. We hold customer data within Salesforce, as well as prospective customer data for the purpose of sales and account management. Data is stored by Salesforce in their Japan region.