Viz.ai Sub Processor List

Name Activities Data types: Location Hosted in EU Security compliance Transfer measures
Viz.ai Israel AWS EU platform management, technical support, customer support, data processing including anonymisation of data PII, PHI Derech Menachem Begin 150, Tel Aviv-Yafo, Israel No ISO27001, SOC2 Not necessary
Viz.ai US Post market surveillance and patient safety incident reporting. Mandatory for MDR and FDA licensing. Personal data is transferred to identify incident. Attached mandatory reporting sheets outline PD transferred. PD 1819 Polk Street 293, San Francisco, California, 94109 No ISO27001, SOC2 Secure transfer of details via Dropbox. File upload to FDA and EMA portals via mandatory reporting forms.
Amazon Web Services (AWS) EMEA SARL File hosting services PII, PHI 38 Avenue John F. Kennedy, L-1855, Luxemburg (staying outside of Frankfurt, Germany Yes ENS High, AWS Data Processing Addendum (“DPA”) Not necessary
AWS US File hosting services for granting access to Viz.ai EU platform. Technical measures include hashing of data at rest and encryption of data in transit. PII US Oregon No ENS High, AWS Data Processing Addendum (“DPA”) Module 3 SCC
Salesforce.com Inc Provision of assistance and support services for the Client and the Client's users of the Viz.ai platform. Data encrypted at rest with keys held and managed by Viz.ai Israel PII Salesforce.com Salesforce Tower, 415 Mission Street, 3rd Floor, San Francisco, CA94105 No ISO27001, ENS, Data Processing Addendum (“DPA”) BCR
Sumo Logic Log monitoring and analysis PII Via Mecenate 78/A 20138 Milano (MI) Italy Yes SO27001, Data Processing Addendum (“DPA”) Not necessary
Dropbox File hosting services PII One Park Place, 5th floor, Hatch Street Upper, Saint Kevin's, Dublin 2, Ireland Yes ISO27001, SOC2 Data Processing Addendum (“DPA”) Not necessary.
Getstream.io Secure messaging services for mobile endpoints. Fully encrypted and keys controlled by Viz.ai Israel. PII, PHI Kleine-Gartmanplantsoen 21. Amsterdam, Noord-Holland 1017RP, Netherlands Yes ISO27001, SOC2 Data Processing Addendum (“DPA”) Not necessary
Twillio Sengrid Used for SMS messaging and emails with the Viz.ai application. Messages are encrypted in transit and Viz Israel controls the keys. Routing is via edge services in EU data centres. PII 374 Beale Street 300, San Francisco Hosted in the US Yes SOC2 Data. Processing Addendum (“DPA”) BCR’s and encrypted data in transit with keys held by Viz.ai Israel. Twillio do not have access to underlying data.
Twillio FCM Used for SMS messaging and emails with the Viz.ai application. Messages are encrypted in transit and Viz Israel controls the keys. Routing is via edge services in EU data centres. PII 374 Beale Street 300, San Francisco Hosted in the US Yes SOC2 Data. Processing Addendum (“DPA”) BCR's and encrypted data in transit with keys held by Viz.ai Israel. Twillio do not have access to underlying data.
Atlassian Used to store contact details of Viz Support customers PII 350 Bush Street Floor 13, San Francisco CA94104, Hosted in the US No ISO27001, Data Processing Addendum (“DPA”) SCC’s
CarbonHelix Provide a managed Security Operations Centre for Viz PII 1607 Capitol Avenue, Cheyenne, WY82001, Hosted in the US No SO27001, SOC2, Data Processing Addendum (“DPA”) SCC’s
IBM QRadar Provide a Security Incident and Event Management Toolset managed by CarbonHelix PII 1 Orchard Road, Armonk, NY10504, Hosted in the US No SO27001, Data Processing Addendum (“DPA”) SCC’s
Google Workspace Provides Viz.ai’s email, word-processing and document storage. Data is encrypted in transit and at rest with keys managed by Viz.ai PII 1600 Amphitheatre Parkway Mountain View, CA94043, Hosted in the US No SO27001, ENS SCC’s
Zoom 55 Almada Boulevard, Suite 600, San Jose CA95113, Used for customer conference calls and remote meetings PII Hosted in the US No ISO27001 SCC’s (data encrypted end to end if Zoom application is used.
Coralogix EU-West-1 (Ireland) EU-West-2 (Stockholm). Used for analysis of log data. Will be replacing SumoLogic PII Hosted in the EU. Yes ISO27001, SOC2 Not Necessary Data is encrypted in transit, managed, and controlled with keys held by Viz.ai Israel.