As part of our GDPR compliance Really Simple Systems ensures that all our subprocessors who can access customer data are GDPR compliant, and that we have individual contracts with them enforcing GDPR compliance.

The following subprocessors are authorised to access our customers’ data:

Entity Location Service
SendGrid Inc United States of America Delivery of emails and return of statistics such as opens, clickthroughs and bounces. For customers using the Marketing module only.

The following subprocessors provide infrastructure services but are not authorised to access our customers’ data:

Entity Location Service
CloudFlare United States of America DNS and anti-DDOS
Google Cloud Belgium, United Kingdom Cloud hosting
Redstation United Kingdom Data Centre

We use the following services in order to run our business and communicate with our customers and prospects:

Entity Location Service
GoCardless United Kingdom Payment services
Google Analytics United States of America Web site analytics
Google Apps United States of America Email and document storage
LogMeIn United States of America Web Conferencing
MailJet France Notification emails
PayVector United Kingdom Payment services
SnapEngage United States of America Online Chat
SurveyMonkey United States of America Online Surveys

If you use the following third-party products then data from the CRM will be passed to them. They are not legally our subprocessors as your contract is directly with them:

Entity Location Service
KashFlow United Kingdom Cloud Accounting
SageOne United Kingdom Cloud Accounting
Xero New Zealand Cloud Accounting
Zapier United States of America Integration to other cloud services