Skip to content

Privacy Matters at Contrast Security

Sub-Processors List

List of Sub-Processors as of 18 December 2024

Contrast Security, Inc. (“Contrast”) uses sub-processors to help in the delivery of products and to provide related support services to our customers. A sub-processor is a third-party organization used by Contrast, where we are acting as a processor, to support the processing of our customers’ personal data. We maintain an up-to-date list of the entities, functions, and locations of our sub-processors as referenced below. For any questions regarding our sub-processor list, please email rfp@contrastsecurity.com.

Contrast sub-processors are bound by data processing agreements at least as rigorous as those we enter into with our customers, and we regularly audit our sub-processors to ensure compliance with applicable data protection laws and security standards and commitments.

Contrast organizes its sub-processors into three categories: infrastructure, customer support, and professional services. 
Infrastructure sub-processors are only used with our cloud storage-based solutions and are not applicable to our enterprise on premise customers. 
Customer support sub-processors only process customer information if the customer submits such information to us in a support request.
Professional services sub-processors support our managed services offering and provide additional engineering resources for customer support issues under limited circumstances.

To sign up for email notifications of changes to our sub-processor list, please follow the link below:

Register Now

 

Contrast Security – List of Sub-Processors:

Sub-Processor

Contact Details of Sub-Processor and Data Privacy Officer

Processing Location of Data

Processing Operations of Sub-Processor

Contrast Service

Infrastructure

 

 

 

 

Amazon Web Services (“AWS”)

410 Terry Avenue N Seattle, WA 98109 USA

DPO: https://aws.amazon.com/contact-us/compliance-support/

Customers in the U.S.
us-east-1 (Virginia USA) - primary
us-west-2 (Oregon, USA) - primary
us-east-2 (Ohio USA) - failover

Data of US customers does not leave US

Customers in the U.K. and E.U.
eu-west-2 (London, UK) - primary
eu-west-1 (Ireland) - failover
eu-west-3 (Paris, France)- failover
eu-central-1 (Frankfurt, Germany) - primary EU customers

Data of EU customers does not leave EU*

Customers in Japan

ap-northeast-1 (Tokyo, Japan)- primary
ap-northeast-3 (Osaka, Japan) - failover

Data of customers in Japan does not leave Japan

Cloud Hosting Provider

Backups of customer data

SaaS

Datadog

620 8th Ave
45th Floor
New York, NY 10018 USA 

DPO: gdpr@datadoghq.com

privacy@datadoghq.com

United States

Log Aggregation, Alerting and Security Anomaly Detection

Confidential Data captured in Vulnerabilities or Attack Trace Data, Admin User Information

SaaS

Snowflake

106 E Babcock Street Suite 3A

Bozeman, MT 59715 USA

DPO: dpo@snowflake.com

privacy@snowflake.com 

United States

Data warehouse

SaaS

Tableau (Salesforce)

415 Mission St, 3rd floor

San Francisco, CA 94105 USA

privacy@salesforce.com 

United States

Data visualization

SaaS

Transcend

340 S Lemon Ave #1897

Walnut, CA 91789 USA

privacy@transcend.io 

United States

Data inventory and data subject rights fulfillment

SaaS

Wiz, Inc.

One Manhattan West, 57th Floor
New York, NY 10001 USA

DPO: privacy@wiz.io

United States

Infrastructure Monitoring, Vulnerability Management, Threat Intelligence, Compliance Reporting

Vulnerability Data Related to the SaaS Environment

SaaS

Customer Support

 

 

 

 

Atlassian, Inc. (Jira/Confluence)

350 Bush Street
Floor 13
San Francisco, CA 94194 USA

DPO: Dataprotection@atlassian.com

United States

Privileged users could potentially process from any of these locations - Bulgaria, Canada, Germany, Isle of Man, Japan, Mexico, New Zealand, UK

Bug Tracking - Jira, Project Management

SaaS

On Premise

DarkTrace, Ltd.

555 Mission Street
Suite 3225
San Francisco, CA 94105 USA

DPO: privacy@darktrace.com

Headquartered in Cambridge, England and San Francisco, California, United States

Email Security

SaaS

On Premise

Google Workspace

1600 Amphitheatre Pkwy
Mountain View, CA 94043 USA

DPO: https://support.google.com/policies/
contact/general_privacy_form

United States

Email, File Storage,  Collaboration, Hosting,  Platform Services

SaaS

On Premise

LinearB, Inc.

929 Colorado Ave.

Santa Monica, CA 90401 USA

DPO: privacy@linearb.io

United States

Bug tracking and metrics

SaaS

On Premise

Slack Technologies, Inc.

500 Howard Street
San Francisco, CA
94105 USA

DPO: dpo@slack.com

United States

Customer support communication and collaboration

SaaS

On Premise

Zendesk, Inc.

999 Market Street
San Francisco, CA 94103 USA

DPO: privacy@zendesk.com

euprivacy@zendesk.com

Attn: Privacy Team and DPO

United States 

Customer Success employees with privileged access could potentially access from any of these locations - Canada, Isle of Man, Japan, UK

Customer Support Portal/ Customer Relationship Management (“CRM”)

Customer Support Ticket Data

 

SaaS

On Premise

Zoom

55 Almaden Blvd
Suite 600
San Jose, CA 95113 USA

DPO: privacy@zoom.us

Attn: Data Protection Officer

United States

Conference Calling Communication

SaaS

On Premise

Professional Services

 

Cloud Security Partners

12110 Sunset Hills Rd Suite 600

Reston, VA 20190 USA

privacy@cloudsecuritypartners.com

 United States

Managed Services

SaaS

iWAconsolti

Prolongation of Oriente 6
#996 B Col.
Centro. Orizaba
Veracruz, MX  CP 94300 

DPO: Gerardo Arellano <garellano@iwa.com.mx>
bolsadetrabajo@iwa.com.mx

Mexico

Engineering/ R&D Support

SaaS

On Premise

NLS Systems, Ltd.

147 Pinehaven Road
Pinehaven, Upper Hutt, 5019
New Zealand

info@nls.systems

New Zealand

Engineering/ R&D Support

SaaS

On Premise
 

*  unless otherwise specified in customer contract / agreement