Alignment with Data Privacy Regulations

Alignment with Data Privacy Regulations

Bravado is committed to alignment to applicable data privacy regulations. Below are some examples of the ways in which our organization is aligned to data privacy regulations.

If you are unable to find what you are looking for, please contact us at hello@bravado.co.

Investment in security

Bravado is committed to maintaining the highest security standards. We have bolstered our investment in security, including MFA enforcement, employee security training, new security policies, vulnerability testing, end-to-end encryption, scalability from the infrastructure, and more.

Updated terms

We have updated our policies and terms to align with GDPR and CCPA and clearly outline our data privacy and security procedures.

Standard Contractual Clauses (SCCs) — (SCCs)

Bravado relies on SCCs to address data transfers from the EEA/UK to other countries including the United States.

Data Processing Agreements (DPAs)

Bravado has DPAs in place with its subprocessors to address the handling of personal data on Bravado’s behalf.

Data Subprocessors List

This list identifies the subprocessors that are authorized to process personal data for the Bravado Services. Please note that this is a current list as of the date of this notice and may be updated from time to time.

  • Amazon Web Services, Inc.

Name of Entity: Amazon Web Services, Inc., AWS Subprocessors
Entity Country: United States
Entity Type: Cloud Infrastructure
Security and Privacy: AWS Cloud Security, AWS Data Privacy, AWS Privacy

  • Amplitude

Name of Entity: Amplitude, Amplitude Subprocessors
Entity Country: United States
Entity Type: Analytics
Security and Privacy: Amplitude Security, Amplitude Privacy

  • Fullstory

Name of Entity: Fullstory
Entity Country: United States
Entity Type: Analytics
Security and Privacy: Fullstory Security, Fullstory Privacy

  • Google

Name of Entity: Google, Google Subprocessors
Entity Country: United States
Entity Type: Analytics and Authentication
Security and Privacy: Google Analytics Data Security, Google Analytics Privacy

  • Hubspot

Name of Entity: Hubspot, Hubspot Subprocessors
Entity Country: United States
Entity Type: Customer Engagement
Security and Privacy: Hubspot Security, Hubspot Privacy

  • LinkedIn

Name of Entity: Linkedin, Linkedin Subprocessors
Entity Country: United States
Entity Type: Authentication
Security and Privacy: Linkedin Security, Linkedin Privacy

  • CloudFlare

Name of Entity: CloudFlare, CloudFlare Subprocessors
Entity Country: United States
Entity Type: Content Delivery
Security and Privacy: CloudFlare Security, CloudFlare Privacy

  • Iterable

Name of Entity: Iterable, Iterable Subprocessors
Entity Country: United States
Entity Type: Customer Engagement
Security and Privacy: Iterable Security, Iterable Privacy

  • Mailgun

Name of Entity: Mailgun, Mailgun Subprocessors
Entity Country: United States
Entity Type: Customer Engagement
Security and Privacy: Mailgun Security, Mailgun Privacy

A Data Subject Access Request (“DSAR”)

A DSAR is a formal request made by an individual to inquire about the information held by the company about that individual. To submit a DSAR, please email us at security@bravado.co.