Explore Rannkly in Action
Enhance Your Awareness with Multiple Listening Platforms
Last Modified: September 1, 2023
Rannkly, Inc. (“Rannkly”) leverages the support of various sub-processors and content delivery networks to facilitate the provision of Rannkly Services, as outlined in our Terms of Service. The definitions provided herein align with those in the Terms.
A subprocessor refers to a third-party data processor engaged by Rannkly, who either currently has access to or may potentially access Service Data, which may include Personal Data. Rannkly collaborates with different types of sub-processors to execute various functions, as detailed in the tables below. Subcontractors, on the other hand, refer to third parties who are engaged to provide Services but do not access or process Service Data.
Rannkly commits to an extensive due diligence process in which we rigorously assess the security, privacy, and confidentiality practices of prospective sub-processors who either have or may gain access to Service Data.
Rannkly mandates that its sub-processors meet obligations equivalent to those set forth for Rannkly (as a Data Processor) in our Data Processing Agreement ("DPA"). These obligations include, but are not limited to:
1. Processing Personal Data in accordance with the documented instructions of the data controller (i.e., Subscriber), as communicated in writing to the relevant subprocessor by Rannkly.
2. Utilizing personnel who are reliable and bound by contractual obligations to observe data privacy and security, in line with applicable data protection laws.
3. Providing regular training on security and data protection to personnel granted access to Personal Data.
4. Implementing and maintaining appropriate technical and organizational measures, including measures consistent with those stipulated in Rannkly's contractual commitments. Sub-processors must provide an annual certification to demonstrate compliance with these measures. In the absence of such certification, Rannkly reserves the right to audit the subprocessor.
5. Promptly informing Rannkly of any actual or potential security breaches.
6. Cooperating with Rannkly in addressing requests from data controllers, data subjects, or data protection authorities, as needed.
This policy does not grant Subscribers any additional rights or remedies and should not be construed as a binding agreement. The information here serves to illustrate Rannkly's engagement process for sub-processors and provides the up-to-date list of third-party sub-processors and content delivery networks employed by Rannkly as of the date of this policy (which Rannkly may utilize in delivering and supporting its Services).
If you are a Rannkly Subscriber and wish to enter into our DPA, please reach out to us at firstname.lastname@example.org.
For all Subscribers who have executed Rannkly's standard DPA, Rannkly will notify you through this policy of updates to the list of sub-processors utilized or proposed for use in delivering our Services. Rannkly commits to maintaining this list regularly to keep our Subscribers informed about the extent of sub-processing associated with Rannkly Services.
Under the DPA, Subscribers have the option to object in writing to the processing of their Personal Data by a new subprocessor within thirty (30) days after the policy update, providing legitimate reasons for their objection. If a Subscriber does not object within this timeframe, the new subprocessor(s) will be considered accepted.
If a Subscriber objects to the use of a subprocessor according to the DPA's process, Rannkly has the right to address the objection through one of the following options (to be selected at Rannkly's sole discretion):
(a) Cease using the subprocessor for Personal Data processing.
(b) Implement the corrective actions requested by the Subscriber in their objection (thereby removing the objection) and proceed to use the subprocessor for Personal Data processing.
(c) Cease to provide the particular aspect of a Rannkly Service that involves the use of the subprocessor to process Personal Data, temporarily or permanently, with the Subscriber's agreement.
Termination rights, as applicable and agreed, are exclusively detailed in the DPA.
Below is the most current list (as of the date of this policy) of the names and locations of Rannkly sub-processors and content delivery networks:
Rannkly maintains ownership or control of the infrastructure used for hosting Service Data submitted to our Services, with the exception as noted below. Presently, Rannkly's production systems for the Services are located in Mumbai, India. The following table outlines the countries and legal entities involved in storing Service Data for Rannkly.
|Amazon Web Services, Inc.
|Cloud Service Provider
Rannkly collaborates with specific third parties to deliver specialized functionality within our Services. These providers, defined as Subprocessors, access Service Data to deliver the relevant functionality, restricted to the designated Services.
|Cloud Communications Platform (SMS)
|Cloud Based Database Service
|Cloud Based NLP ( Natural Language Processing) Service
|Payment Processing Platform
|Cloud Based Websocket Service
As previously explained, Rannkly's Services may utilize content delivery networks ("CDNs") to ensure the provision of Services, enhance security, and optimize content delivery. CDNs do not have access to Service Data but serve as distributed systems designed to deliver content based on the geographic location of the user and the origin of the content provider. Content served to website visitors and domain name information may be cached by CDNs for efficient transmission, and CDNs may access transmitted data to perform their functions.
|Cloudfront by Amazon Web Services, Inc.