Third Party Sub Processors

Last updated: 21st March 2024

Who we are and what this is

Method Apps Limited (“we”, “us” or “our”).
Registered company address: 11 Laura Place, Bath, England, UK, BA2 4BL.
Registered in England & Wales 11235998.

Method Apps Limited engages the third party entities below to perform limited activities in connection with customer data associated with Method Grid and Method Apps Limited.


Microsoft

Activity: Marketing, office applications, communications and email delivery

Data processed: Name, email, organization

App data processed: Name, email, organization

Data locations: UK

More information: https://www.microsoft.com/en-gb/trust-center/privacy/data-location


Microsoft Azure OpenAI Service

Activity: Content processing and creation

Data processed: User generated content

App data processed: User generated content

Note: Only relevant to accounts using the AI Assistant. We do not envisage that Microsoft Azure OpenAI Service will be a sub-processor at this time, unless a Method Grid customer inputs personal data into the AI functionality provided by Microsoft Azure OpenAI Service in breach of its customer agreement.

Data locations: UK

More information: https://learn.microsoft.com/en-us/legal/cognitive-services/openai/data-privacy


Google

Activity: Marketing, office applications, communications and support

Data processed: IP address, marketing tracking

App data processed: None

Data locations: US

More information: https://policies.google.com/privacy/frameworks?hl=en-US


Stripe Inc.

Activity: Finance

Data processed: Name, email, organization, billing details

App data processed: Name, email, organization, billing details

Data locations: US

More information: https://stripe.com/gb/privacy


Xero Limited

Activity: Finance

Data processed: Name, email, organization, billing details

App data processed: None

Data locations: US

More information:: https://www.xero.com/uk/campaigns/xero-and-gdpr/ and https://www.xero.com/uk/about/legal/privacy/


DigitalOcean, LLC

Activity: Infrastructure

Data processed: Name, email, organization, profile image, all app data

App data processed: Name, email, organization, profile image, all app data

Data locations: UK

More information:: https://www.digitalocean.com/security/gdpr/faq/ and https://www.digitalocean.com/legal/privacy-policy/


Cloudflare, Inc.

Activity: Infrastructure

Data processed: IP

App data processed: None

Data locations: US

More information: https://www.cloudflare.com/en-gb/privacypolicy/ and https://www.cloudflare.com/en-gb/gdpr/introduction/


Dropbox Sign

Activity: Legal

Data processed: Name, email, address, signature

App data processed: None

Data locations: US

More information: https://gb.hellosign.com/privacy


Hubspot

Activity: Marketing, support and communications

Data processed: Contact details (name, email, phone, address etc.), company details and communication records

App data processed: Name, email, organisation

Data locations: US

More information: https://legal.hubspot.com/privacy-policy


Livestorm Inc.

Activity: Webinars

Data processed: Name, email

App data processed: None

Data locations: EU (Ireland)

More information: https://livestorm.co/privacy-policy


OpenAI

Activity: Content processing and creation

Data processed: User generated content

App data processed: User generated content

Note: Only relevant to accounts using the AI Assistant. We do not envisage that OpenAI, L.L.C. will be a sub-processor unless a Method Grid customer inputs personal data into the AI functionality provided by Open AI L.L.C in breach of its customer agreement.

Data locations: US

More information: https://openai.com/policies/api-data-usage-policies


PostHog Inc.

Activity: Analytics

Data processed: Name, email, organization, IP, all app data

App data processed: Name, email, organization, IP, all app data

Data locations: EU (Germany)

More information: https://posthog.com/handbook/company/security and https://posthog.com/privacy


Contact

Questions, comments and requests regarding this policy are welcomed and should be addressed via our contact page here.


Change log

22 July 2021 – Updated to add Hubspot privacy policy. Removed information about Pipedrive and Calendly.
13 August 2021 – Removed references to Olark and GrooveHq.
19 November 2021 – Removed references to Campaign Monitor.
14 December 2021 – Added Name, email, organisation to data that Hubspot processes
26 April 2022 – Added reference to Livestorm
10 March 2023 – Removed references to SoPro, Tribe and Twilio
30 June 2023 – Added Microsoft and Open AI, amended HelloSign to Dropbox Sign, updated all data locations and updated more information links
27th October 2023 – Added reference to Leadfeeder (Dealfront Group GmbH)
2nd February 2024 – Removed references to Chargebee
6th March 2024 – Added reference to PostHog Inc.
11th March 2024 – Added reference to Microsoft Azure OpenAI Service
21st March 2024 – Removed references to Leadfeeder (Dealfront Group GmbH)

GRIDtalk: Creating a Renewable Energy Project Delivery Playbook for SSE Renewables Register