What is a sub-processor?
A sub-processor is a third-party data processor engaged by Mindtickle to carry out personal data processing activities as required to provide services to customers per the terms of service, agreement, and the DPA.
List of sub-processors
The table below indicates the current list of sub-processors authorized to process customer personal data on the Mindtickle platform and related services.
| Legal entity name | Service applicability | Nature and purpose of processing | Data location | Personal data processed | Registered address | Status |
| MindTickle Interactive Media Private Limited1 | All services | Product development and customer support | India | Mandatory – Name, Email ID Optional – Photograph, Audio Recording, Video Recording |
4th Floor, Solitaire World, Baner, Pune, Maharashtra 411045, India | Active |
| Amazon Web Services, Inc. | Platform, Asset Hub, Call AI, RevOps, DSR | Secure cloud infrastructure and storage for the Mindtickle platform | United States, Ireland, Singapore, and Japan based on the customer’s choice | Mandatory – Name, Email ID Optional – Photograph, Audio Recording, Video Recording |
410 Terry Avenue North, Seattle, WA 98109-5210, United States | Active |
| Google LLC and affiliates | All services | Communication with customers’ users and transcription | United States or Ireland based on the customer’s choice | Mandatory – Name, Email ID Optional – Audio Recording |
1600 Amphitheatre Parkway Mountain View, CA 94043, United States | Active |
| Box, Inc. | Platform | Media processing and transformation | Unites States | Name, Email ID | 900 Jefferson Avenue, Redwood City, CA 94063, United States | Active |
| Filestack, Inc. | Platform, Asset Hub | Media processing and transformation | Unites States | Name, Email ID | IDERA Headquarters 10801 N Mopac Expressway Building 1, Suite 100 Austin, TX, 78759, United States | Active |
| Snowflake, Inc. | Platform, Asset Hub, Call AI | Data analytics and insights | United States or Singapore based on the customer’s choice | Name, Email ID | Suite 3A, 106 East Babcock Street, Bozeman, Montana 59715, United States | Active |
| Jitterbit, Inc. | Platform, Asset Hub, Call AI, RevOps, DSR | Integration platform between customers’ third-party applications and MindTickle | United States | Email ID | 1301 Marina Village Parkway, Suite 201, Alameda, CA 94501, United States | Active |
| Nylas, Inc. | Asset Hub | Email accounts integration and message delivery | United States or Ireland based on the customer’s choice | Email ID | 944 Market St, San Francisco, CA 94102, United States | Active |
| Workato, Inc. | Platform, Asset Hub, Call AI, RevOps, DSR | Integration platform between customers’ third-party applications and Mindtickle | United States | Email ID | 215 Castro Street, Suite 300, Mountain View, California 94041, United States | Active |
| Sumo Logic, Inc. | Platform, Asset Hub, Call AI, RevOps, DSR | Log monitoring and analytics | United States | Name, Email ID | 305 Main Street Redwood City, CA 94063, United States | Active |
| Mixpanel, Inc. | Platform, Asset Hub, Call AI, RevOps, DSR | Platform event monitoring and analytics | United States | Name, Email ID | One Front Street, 28th Floor, San Francisco, CA 94111, United States | Active |
| Fullstory, Inc. | Platform, Asset Hub, Call AI, RevOps, DSR | Analytics of user sessions on MindTickle | United States | Mandatory – Name, Email ID Optional – Photograph |
1745 Peachtree Street NE, Suite G, Atlanta, GA 30309, United States | Active |
| Zipy, Inc. | Platform, Asset Hub, Call AI, RevOps, DSR | User session analytics and debugging | United States | Mandatory – Name, Email ID Optional – Photograph |
1010, Silliman Street, San Francisco, CA 94134, United States | Active |
| Atlassian Pty Ltd. | Platform, Asset Hub, Call AI, RevOps, DSR | Production issues/incidents tracking and communication | United States | Mandatory – Name, Email ID Optional – Support Call Audio Recording, Support Call Video Recording |
Level 6, 341 George St, Sydney NSW 2000, Australia | Active |
| Freshworks, Inc. | Platform, Asset Hub, Call AI, RevOps, DSR | Managing tickets for customer support | United States | Mandatory – Name, Email ID Optional – Support Call Audio Recording, Support Call Video Recording |
2950 S. Delaware Street, Suite 201, San Mateo, CA 94403, United States | Active |
| Marketo, Inc. | All services | Communication management with customers’ users and administrators | United States | Name, Email ID | 901 Mariners Island Blvd Suite 200, San Mateo, CA, 94404, United States | Active |
| Qualtrics, LLC | All services | Product feedback and surveys | United States | Name, Email ID | 333 W. River Park Dr. Provo, UT 84604, United States | Active |
| WalkMe, Inc. | Platform, Asset Hub, Call AI, RevOps, DSR | Platform navigation training and walkthrough | United States | Name, Email ID | 2775 McAllister St, San Francisco, California, 94104, United States | Active |
| Gainsight, Inc. | All services | Customer Success management platform | United States | Name, Email ID | 350 Bay Street, Suite 100, San Francisco, CA 94133, United States | Active |
| Salesforce.com, Inc. | All services | Customer account and relationship management | United States | Name, Email ID | 415 Mission Street, 3rd Floor, San Francisco, CA 94105, United States | Active |
| Articulate Global, LLC | CaaS | Content creation and collaboration | United States | Name, Email ID | 244 5th Avenue, Suite 2960, New York, NY 10001, United States | Active |
| Filestage GmbH | CaaS | Content creation and collaboration | Germany | Name, Email ID | Filestage GmbH, Lautenschlagerstraße 16, 70173, Stuttgart, Germany | Active |
| BoostUp.ai (Also known as Vocalo, Inc.) | RevOps | Provides sales forecasting and pipeline analysis | United States or Ireland based on the customer’s choice | Mandatory – Name, Email ID, Address, Phone Number, Calendar Information Optional – Audio Call Recording, Audio Call Transcript |
2040 Martin Ave, Santa Clara, California 95050, United States | Active |
| Enable, Inc. | DSR | Sales opportunity collaboration and content sharing | United States | Name, Email ID | 5651 Dreyer Place, Oakland, California 94619, United States | Active |
1 For Customers, where MindTickle Interactive Media Private Limited is a party to the Agreement, this entity is a processor, not a sub-processor.
Note: The duration of processing by these sub-processors will be as per the terms of the Agreement signed with the Customers. Subject to specific approval of corresponding customers, we may use additional sub-processors for processing personal data controlled by the said customer.
Additional information about definitions used in the service applicability
- “Platform” includes Course, Quick Update, Checklist, Instructor-Led Training, Assessment, Missions (Virtual Role-Play), Coaching Session & Competency Assessment (Field Coaching), Spaced Reinforcement
- Conversational Intelligence (Call AI)
- Revenue Operations & Intelligence (RevOps)
- Digital Sales Rooms (DSR)
- Content as a Service (CaaS)
Contractual controls
Mindtickle signs data processing agreements and standard contractual clauses with all of its sub-processors and imposes data protection obligations for protecting customer personal data with similar security standards as committed by Mindtickle to the customers. These data processing agreements are aligned with the global data protection laws such as GDPR, CCPA, CPRA, UK DPA, etc.
We include the following controls in the agreements to ensure the protection of customer personal data –
- Right to audit – to allow an audit of the procedures relevant to customer personal data protection.
- Data deletion – to delete personal data to fulfill data subject or customer requests or upon contract termination
- Confidentiality agreements – to ensure employees and contractors with access to customer personal data have understood the confidential nature of the information and have signed confidentiality agreements
- Training – to educate the employees on security and privacy practices to be followed while handling customer personal data
- Incidents and breaches – to identify the root cause and impact, remediate the incident, and inform Mindtickle of impacted customer personal data relevant to the incident or breach
- Security measures – to mandate technical and organizational security measures through vendor security policy or similar controls required by data protection laws and customer agreements
- Fourth party risk – to impose the same standards of processing and security controls under applicable data protection laws to sub-processors of Mindtickle sub-processors
Onboarding and annual due diligence
In accordance with our supplier security policy, Mindtickle performs mandatory due diligence of all sub-processors through information security, privacy, and legal reviews. Sub-processor due diligence is performed during onboarding and once annually and includes a review of the following –
- SOC 2 Type 2, ISO 27001, NIST, or similar industry-standard security reports
- Compliance with applicable data protection laws and regulations
- Vulnerability assessment and penetration testing reports
- Information security and privacy policy documents
- Privacy notice
- Service level agreements, including uptime commitments, RTO, and RPO
- Business continuity plans and disaster recovery reports
- Supplier due diligence questionnaire
Only the carefully selected suppliers that are approved by security, privacy, and legal teams in the due diligence process are authorized as sub-processors and granted access to customer personal data.
Data sharing and responsibility
Mindtickle engages sub-processors to process personal data only in accordance with the customer agreement and documented instructions through the following –
- Onward data transfer – includes using relevant transfer mechanisms for the transfer of personal data in accordance with the applicable data protection laws.
- Data minimization – sharing only the minimum required personal data that is absolutely necessary to provide services to our customers.
- RoPA – to maintain a detailed record of processing activities, including types, attributes, purposes, and safeguards of personal data shared with our sub-processors, which is reviewed quarterly.
- Risk ownership – Mindtickle takes full responsibility for the security and privacy of the customer data transferred to its sub-processors and will remain liable for any breach of customer personal data caused by any of its sub-processors.
Changes to sub-processors
Mindtickle provides at least 30 days prior notice to our subscribed customers before authorizing any new sub-processors to process customer personal data and provides customers with a window to object to such appointments. Customers can use below subscription form to receive sub-processor change communication.
More on security, privacy, and compliance at Mindtickle
Security |
Privacy |
Platform |
Terms |
| Trust | Privacy Policy | Platform Status | Terms of Service |