Network Rail 
Arup 
Oxford Brookes University 
NHS 
SSE 
Future Shift 
Project and Program Management 
Project Governance Framework 
Benefits Management Framework 
Last updated: 21st March 2024
Who we are and what this is
Method Apps Limited (“we”, “us” or “our”).
Registered company address: 11 Laura Place, Bath, England, UK, BA2 4BL.
Registered in England & Wales 11235998.
Method Apps Limited engages the third party entities below to perform limited activities in connection with customer data associated with Method Grid and Method Apps Limited.
Microsoft
Activity: Marketing, office applications, communications and email delivery
Data processed: Name, email, organization
App data processed: Name, email, organization
Data locations: UK
More information: https://www.microsoft.com/en-gb/trust-center/privacy/data-location
Microsoft Azure OpenAI Service
Activity: Content processing and creation
Data processed: User generated content
App data processed: User generated content
Note: Only relevant to accounts using the AI Assistant. We do not envisage that Microsoft Azure OpenAI Service will be a sub-processor at this time, unless a Method Grid customer inputs personal data into the AI functionality provided by Microsoft Azure OpenAI Service in breach of its customer agreement.
Data locations: UK
More information: https://learn.microsoft.com/en-us/legal/cognitive-services/openai/data-privacy
Activity: Marketing, office applications, communications and support
Data processed: IP address, marketing tracking
App data processed: None
Data locations: US
More information: https://policies.google.com/privacy/frameworks?hl=en-US
Stripe Inc.
Activity: Finance
Data processed: Name, email, organization, billing details
App data processed: Name, email, organization, billing details
Data locations: US
More information: https://stripe.com/gb/privacy
Xero Limited
Activity: Finance
Data processed: Name, email, organization, billing details
App data processed: None
Data locations: US
More information:: https://www.xero.com/uk/campaigns/xero-and-gdpr/ and https://www.xero.com/uk/about/legal/privacy/
DigitalOcean, LLC
Activity: Infrastructure
Data processed: Name, email, organization, profile image, all app data
App data processed: Name, email, organization, profile image, all app data
Data locations: UK
More information:: https://www.digitalocean.com/security/gdpr/faq/ and https://www.digitalocean.com/legal/privacy-policy/
Cloudflare, Inc.
Activity: Infrastructure
Data processed: IP
App data processed: None
Data locations: US
More information: https://www.cloudflare.com/en-gb/privacypolicy/ and https://www.cloudflare.com/en-gb/gdpr/introduction/
Dropbox Sign
Activity: Legal
Data processed: Name, email, address, signature
App data processed: None
Data locations: US
More information: https://gb.hellosign.com/privacy
Hubspot
Activity: Marketing, support and communications
Data processed: Contact details (name, email, phone, address etc.), company details and communication records
App data processed: Name, email, organisation
Data locations: US
More information: https://legal.hubspot.com/privacy-policy
Livestorm Inc.
Activity: Webinars
Data processed: Name, email
App data processed: None
Data locations: EU (Ireland)
More information: https://livestorm.co/privacy-policy
OpenAI
Activity: Content processing and creation
Data processed: User generated content
App data processed: User generated content
Note: Only relevant to accounts using the AI Assistant. We do not envisage that OpenAI, L.L.C. will be a sub-processor unless a Method Grid customer inputs personal data into the AI functionality provided by Open AI L.L.C in breach of its customer agreement.
Data locations: US
More information: https://openai.com/policies/api-data-usage-policies
PostHog Inc.
Activity: Analytics
Data processed: Name, email, organization, IP, all app data
App data processed: Name, email, organization, IP, all app data
Data locations: EU (Germany)
More information: https://posthog.com/handbook/company/security and https://posthog.com/privacy
Contact
Questions, comments and requests regarding this policy are welcomed and should be addressed via our contact page here.
Change log
22 July 2021 – Updated to add Hubspot privacy policy. Removed information about Pipedrive and Calendly.
13 August 2021 – Removed references to Olark and GrooveHq.
19 November 2021 – Removed references to Campaign Monitor.
14 December 2021 – Added Name, email, organisation to data that Hubspot processes
26 April 2022 – Added reference to Livestorm
10 March 2023 – Removed references to SoPro, Tribe and Twilio
30 June 2023 – Added Microsoft and Open AI, amended HelloSign to Dropbox Sign, updated all data locations and updated more information links
27th October 2023 – Added reference to Leadfeeder (Dealfront Group GmbH)
2nd February 2024 – Removed references to Chargebee
6th March 2024 – Added reference to PostHog Inc.
11th March 2024 – Added reference to Microsoft Azure OpenAI Service
21st March 2024 – Removed references to Leadfeeder (Dealfront Group GmbH)