Build and transform technology landscapes to support evolving business strategies and operationalize innovation.
Learn moreMaximize market potential through a partner program offering LeanIX solutions tailored to your business model.
Learn moreTake your capabilities to the next level and arm yourself with the knowledge you need
See all resourcesWhat additional entities is LeanIX planning to add as Subprocessors and where are they located?
LeanIX intends to add the following LeanIX Affiliates as Subprocessors. All these entities are 100% owned entities of the LeanIX Group and are exclusively located in the EU/UK.
What is the purpose and where the Customer data will be processed?
These LeanIX affiliates will be supporting the LeanIX group by providing User Support, maintenance and development.
Why are you appointing this Subprocessors now?
To ensure that we can continue to grow as a business, manage capacity, and ensure that our global support continues to meet the requirements of our ever growing customer base.
Does this include any third party Subprocessor?
No, only 100% fully owner subsidiaries of the LeanIX group are being added.
Does this change the location of my workspaces?
Nothing changes in the way we agreed to provide you the services, including the place of hosting. Your workspaces (and every data therein uploaded) will remain hosted in the same location specified in your contract with LeanIX.
Will there be any access from outside the EEA, or from countries that do not provide an adequate level of protection?
Does anything changes in the way LeanIX processes your data, or in the services provided?
Will the new sub-processors treat the data differently?
No, all of our Affiliates treat and protect customer data in the same way. Each new sub-processor will be subject to the same contractual and legal obligations as the existing sub-processors.
You can find a description of those measures here
How are the new sub-processors contractually bound by the same obligations as existing sub-processors?
Do you have Standard Contractual Clauses (“SCCs”) in place with these new sub-processors?
No, that is not required. These sub-processors are all either entities which are directly subject to the GDPR and based in the EEA (Slovenia, Netherlands, France) or are located in countries which benefit from an ‘adequacy decision’ from the EU Commission (UK). For that reason, it is not necessary to implement SCCs for data transfers to those entities. The appointment of these new sub-processors does not create any new requirements with regard to international data transfers.
Do I need to sign a new Data Protection Agreement (“DPA”) or do we need to amend the existing Data Protection Exhibit (DPE) included in my contract with LeanIX?
No, the existing DPE/DPA in place between us already sets out the process for the appointment of additional sub-processors. We are notifying you of the intended appointment of new sub-processors in accordance with that process. However, if you wish a written confirmation of the appointment, please contact dataprivacy.subprocessors@leanix.net.
Where can I find a full list of the subprocessors used by LeanIX?
The complete list of our subprocessors is available here https://www.leanix.net/en/legal/list-of-subprocessors.
At the same link, you can register to receive new updates and information about our subprocessors.
When will the appointment take effect?
Where can I get information in addition to those provided here?
We are here to help! Should you have any more questions, please contact us at dataprivacy.subprocessors@leanix.net.