Subprocessors
When providing our services, we engage third-party companies as service providers to support our business, for instance to provide computing and storage services. Please also see our Privacy Policy for further information.
General concept
Our goal is to use as few third-party providers as possible, and to keep the majority of the data in one single place. We chose Google Cloud as our core computing and storage facility, using Google Ireland for our EU-based clients, and Google USA for everyone else. All employee-specific data like name, email, gender and also their reviews, feedback and recognition data stays in the Google Cloud. The only true exception is email: We do send emails to staff when something new has happened, like a praise from a peer, or their manager signed their review, or a 1:1 is about to start. Those mails contain some confidential data (name, email, content snippets). Most of these mails can get deactivated by the client, and for EU clients we use an EU-based email provider.
Beyond this, we make use of a few additional sub-processors to help deliver our service. We ensured to pick only respectable companies that put a major focus on security, encrypting data in transit and at rest. We use these providers to communicate with customers, to charge for our services, or to deliver in-app notifications.
We don’t share confidential data of “regular employees” with these systems. But we do share names and email addresses of SI admin users or business contacts, and those who specifically reach out to us. Otherwise we’d not be able to create bills, respond to support inquiries, or communicate product news. We also share high-level usage data (“company X has 12 review cycles with 934 reviews in total”) with select subprocessors so we can offer client assistance proactively.
Defaults and Options
By default our clients are hosted on the US Google server and make use of Sendgrid for email delivery. New clients may sign up using our EU server at https://eu.small-improvements.com, while existing clients can be easily transferred to the EU datacenter by requesting a move via support@small-improvements.com.EU clients can opt out of using Hubspot, Appcues and Google Analytics on the “Advanced Settings” screen.
Additional integrations like with Slack, Google Calendar or HRIS tools can be set up by clients on their own. We don’t list these optional processors below, since it’s up to every organization if they for instance wish to send data to Slack.
Subprocessor Overview
System | Data shared | Default Vendor | EU Alternative | Opt-Out possible for EU clients? |
---|---|---|---|---|
Application Hosting |
All sensitive data is hosted here, including |
Google Cloud |
Google Cloud |
|
Email Delivery | User names and email addresses Excerpts of confidential data like praise, 1:1 notes and more. |
Sendgrid |
Brevo |
|
Customer Relationship |
Company names and usage statistics Names and email addresses of admins and business contacts |
Hubspot, Inc. 25 First Street, 2nd Floor |
Yes, via settings-screen | |
Customer Invoicing | Company name and billing information Business contact names Staff headcounts and coarse usage statistics |
Chargebee Inc. 340 S Lemon Ave #1537 or Freshbooks |
Yes, manual invoice creation possible at surcharge |
|
Support Desk |
Company name Administrator names and emails Company headcount Potentially confidential information that is sent to us via mail |
Help Scout |
No, but under consideration | |
In-app User guidance | Company names and statistics Admin names and email addresses |
Appcues Inc. 54 Canal Street # 324
Boston, MA 02114, USA |
Yes, via settings-screen | |
Project Management (as of July 5 2023) |
Company names, admin names, screenshots of error screens that may contains user names |
Trello 55 Broadway 25th Floor, New York, NY USA
|
No | |
Customer surveys (as of July 5 2023) |
Company names, admin names and admin email addresses |
Typeform S.L. Bac de Roda, 163, 08018, Barcelona, Spain
|
No | |
UX research and survey platform (as of July 5 2023) | Admin- and user-names and email addresses |
Sprig, Inc. San Francisco, 140 2nd Street, 4th Floor, United States
|
No | |
Customer Service Platform (as of January 7th 2024) | Company names and usage statistics Names and email addresses of admins and business contacts |
Vitally 122 Rivington St
Floor 2 New York, NY 10002 |
No | |
Interactive Demo (from April 19th, 2024) | Names and email addresses of admins and business contacts, Company Names |
Navattic 261 Market Street #4301 San Francisco, CA 94114, USA
|
No | |
Customer Service Platform (from April 19th, 2024) | Company name Administrator names and emails Company headcount Potentially confidential information that is sent to us via mail |
Intercom Intercom R&D Unlimited Company, 2nd Floor, Stephen Court, 18-21 St. Stephen’s Green, Dublin 2, Republic of Ireland
|
No |
Return to Privacy Policy