Third-Party Service Providers
For purposes of Data Protection Law, as defined in our Data Protection Privacy Policy, Kondukto may engage the following entities as Subprocessors to process personal data that you upload to Kondukto's ASPM Platform ("Customer Personal Data"):
| Infrastructure Sub-Processors | Description of Processing | Data Types |
|---|---|---|
| Amazon Web Services, Inc. | Cloud Provider | Kondukto ASPM platform runs on top of AWS, GCP, and Microsoft Azure. These cloud providers host the personal data you store in the Cloud Services. |
| Google Inc | Cloud Provider | Kondukto ASPM platform runs on top of AWS, GCP, and Microsoft Azure. These cloud providers host the personal data you store in the Cloud Services. |
| Microsoft Corporation (Microsoft Azure) | Cloud Provider | Kondukto ASPM platform runs on top of AWS, GCP, and Microsoft Azure. These cloud providers host the personal data you store in the Cloud Services. |
| Google Inc | "If you engage in email support via Gmail, Google receives basic contact info (e.g., name, email address). If you include other personal data in your support emails (e.g., snippets of database logs, query outputs, etc.), this information would also be processed by Google." | |
| Cloudflare, Inc. | Content Delivery Network | Kondukto services use Cloudflare as CDN and proxy, some informations like IP addresses may be processed by Cloudflare |
| MongoDB, Inc. (MongoDB Atlas) | Managed Database Service | "Kondukto's ASPM platform uses MongoDB Atlas as the primary NoSQL database. Sensitive and personal information, such as users' names, email addresses, organizational vulnerability data, code snippets, and other sensitive details, are stored in MongoDB." |
| Zoho Corporation | Support Portal | If you engage in email support, Zoho receives basic contact info (e.g., name, email address). If you include other personal data in your support emails (e.g., snippets of database logs, query outputs, etc.), this information would also be processed by Zoho. |
| Okta, Inc. | Authentication Services | Okta receives and stores basic information in the course of authenticating you into the service via federated single sign in (e.g, first and last name, business contact info, email |
| Other Third Party Tools | Integration | Based on the integration and tool specifications, sensitive information like vulnerability data, user details, code snippet and telemetry data may be stored and processed by the target tool/company. |
Please send an email to info+trust@kondukto.io if you have any questions or would like to be notified about changes to the subprocessor list.