Updates to our Data Privacy Framework (June 2024)

As part of our ongoing commitment to providing an enhanced customer experience and strengthening the data privacy and security framework, we are announcing to all our customers the following important updates.

Updates to the Subprocessor List

We have updated and integrated our Subprocessors List as follows:

New subprocessors:

Beekeeper Group Entities: Beekeeper Poland Sp.z.o.o and Beekeeper (Germany) GmbH
Infoguard

We moved the following companies from the Third Party Use Statement (sunsetted) into the Subprocessors List:

Twilio
Zendesk
Apple
Firebase (listed as Google in the Third Party Use Statement)
Logz.io
Sentry
Pendo
Mixpanel
Grafana

We have added the following optional subprocessors (applicable if certain features and/or services are chosen by the customer)

Beekeeper USA Inc.
Kommunikationshelden GmbH
Zapier
Workato
AWS Cloudfront
Cloudflare
Open AI
Azure

Please visit our dedicated web page for the full list of subprocessors and more information on their processing activities: Beekeeper subprocessors

Alignment with industry standards and customer expectations

In line with standard market practice in our industry, and to comply with recent emerging local regulations, such as the new Swiss Data Protection Act, we decided to sunset the Beekeeper Third Party Use Statement, that is referenced in older versions of our DPA, and reinstate the relevant information from the Third Party Use Statement into our Subprocessor List.

Your benefits:

Increased transparency and elimination of ambiguities regarding the entities processing personal data within the platform as well as a clearer identification of the processing basis.
Right to be notified in case of changes affecting those subprocessors.

Improved Technical and Organizational Measures

In our commitment to strengthen the security of your data, we have enhanced our Technical and Organizational Measures (TOMs). Specifically, we have refined and expanded our internal training and awareness programs to provide a more comprehensive understanding of security protocols. These measures aim to empower our team with the latest insights and best practices, ensuring a heightened level of vigilance and competence in safeguarding your information. This update underscores Beekeeper’s dedication to maintaining the highest standards of security. It consists of improvements to the current TOMs, including:

Continuous access to security training materials and
Annual mandatory role based security trainings for engineers

Transition to the new set-up

Until these subprocessor updates are effective (timing depends on the specific provisions contained in the DPA between you and Beekeeper), the current contractual documentation will apply. This also includes the existing Third Party Use Statement where applicable.

Data Storage

The above updates will not impact your choice of data center. Your data will continue to be stored in the agreed data center.

Notice for customers without an executed data processing agreement

If your company is located in a jurisdiction requiring an agreement governing the processing of personal data, we want to inform you that personal data processed in the Beekeeper Frontline Success System will be processed according to our standard Data Processing Agreement as updated from time to time.

If you have any questions or require further clarification, please do not hesitate to reach out to subprocessor-update@beekeeper.io.

Thank you for your continued trust in Beekeeper!

Frequently Asked Questions

Do any changes identified in this notice affect which data center my data is stored in?

No, they don’t affect it and your data will continue to be stored in the same place you have selected.

Why are you sunsetting the Third Party Use Statement?

We truly believe in transparency. Given some feedback about the third party use statement being unclear and not necessary, we opted to sunset it and provide more favorable conditions to our customers. In fact, for those contractors moving from the third party use statement to the subprocessors list, customers can now benefit from notification in advance in case of variations. Also, Beekeeper now bears the responsibility for their conduct in processing customer’s personal data.

What are optional subprocessors?

The subprocessors listed as optional are those that, despite bringing considerable value to the product-related user experience, are providing services exclusively for non-core features and functionalities. This means that such subprocessors and connected functionalities might be deactivated without affecting the usage of the core of the Beekeeper platform.

What is the basis for the international transfer?

We transfer data to our subprocessors based on data processing agreements containing provisions about adequate technical and organizational measures and standard contractual clauses (SCCs).

How can I sign a Data Processing Agreement with Beekeeper (Beekeeper DPA)?

If you wish to execute a data processing agreement with Beekeeper, please contact dparequest@beekeeper.io.

Can my organization request to modify the Beekeeper DPA?

Our DPA has been drafted to align with our internal operations and our processing of customer personal data. It’s standardized across our customer base, so we are unable to accept any modifications.

Can Beekeeper sign my organization’s standard data processing agreement?

The DPA needs to align with the process of the services provided by Beekeeper. Therefore it is required for the DPA to be aligned to the service and business processes of Beekeeper. Those are fully reflected in the Beekeeper DPA.

I don’t want my data to be sent to the US.

Whenever we send data to US-located services, we make sure the transfer is based on SCC or Privacy Framework basis. However, if you don’t want your data to be transferred to the US, you will need to discontinue certain functionalities which use US subprocessors. View our subprocessor list for details about which features use the US subprocessors.