In delivering our services, our partners may have access to your personal data. Therefore, they act as (sub-)processors of personal data as defined by the General Data Protection Regulation (GDPR). At Keeping, we take various measures to ensure that processing this data is done securely and responsibly. Whenever possible, we keep data within Europe; for example, our application servers are located in Amsterdam, Netherlands. We have data processing agreements with all our partners. Additionally, we only work with partners from the European Union or from the United States if they are affiliated with the EU-US Privacy Shield.
Sub-processor — active data processing agreement
We use the services of Bugsnag to capture and analyze error messages on our website(s). The data sent to Bugsnag is pseudonymized.
Bugsnag Inc. is affiliated with the EU-US Privacy Shield.
Read more about Bugsnag and data security.
Sub-processor — active data processing agreement
DigitalOcean is our partner for Keeping's server infrastructure. We host Keeping in the Netherlands, specifically in Amsterdam. This ensures that the majority of Keeping data is stored and processed within the Netherlands and therefore the EEA.
DigitalOcean's data centers are certified for: ISO/IEC 27001, SOC 1 Type II, SOC 2 Type II.
DigitalOcean LLC is affiliated with the EU-US Privacy Shield.
Read more about DigitalOcean and data security.
Processor — active data processing agreement
We use Feedback Company's services to send review invitations to you and to collect the subsequent reviews. This allows us to display ratings from our users on our website(s).
The Feedback Company B.V. is a Dutch company and is therefore fully subject to European regulations.
Read more about Feedback Company and data security.
Sub-processor — active data processing agreement
The services of Geoapify GmbH are used within trip logging to determine coordinates based on entered address data, in order to calculate the distance for the most common route between these two points.
Geoapify GmbH is a German company, and is therefore automatically subject to full European regulations. Read more about Geoapify privacy policy._
Sub-processor — active data processing agreement
The services of Google Cloud are used for crash reporting and configuration of the mobile applications. Wherever possible, we use Google servers within the Netherlands and the EEA.
Google’s data centers are certified for: ISO/IEC 27001, SOC 1, SOC 2, SOC 3.
Google LLC is affiliated with the EU-US Privacy Shield.
Read more about Google Cloud and data security.
Processor — active data processing agreement
Google Suite is used for email communication, calendar scheduling, and cloud storage for our team. Since communications with the Keeping team may contain personal data, we have a data processing agreement with Google Suite.
Google’s data centers are certified for: ISO/IEC 27001, SOC 1, SOC 2, SOC 3.
Google LLC is affiliated with the EU-US Privacy Shield.
Read more about Google Suite and data security.
Processor — active data processing agreement
When you contact customer service, your messages pass through the servers of our partner Help Scout. Help Scout can read the content of the messages sent between you and us. For this reason, we have a data processing agreement with Help Scout.
HelpScout Inc. is affiliated with the EU-US Privacy Shield.
Read more about Help Scout and data security.
Processor — active data processing agreement
If you are late with a payment, we can offer you the option to make the payment through our secondary payment partner, Mollie. They store information about the transaction and the invoice you pay.
Mollie complies with: PCI-DSS.
Mollie B.V. is a Dutch company and is therefore fully subject to European regulations.
Read more about Mollie and data security.
Processor — active data processing agreement
Invoices sent for your subscription with Keeping are processed through Moneybird. To correctly issue your invoice, the payment information provided for your organisation is used. Additionally, within Keeping, you can integrate invoicing with Moneybird, sending parts of time registration data to Moneybird to enable the integration and its features. Therefore, we have a data processing agreement with Moneybird.
Moneybird B.V. is a Dutch company and is therefore fully subject to European regulations.
Read more about Moneybird and data security.
Sub-processor — active data processing agreement
All emails you receive from and send through Keeping (e.g., for inviting team members) are handled by Postmark. Postmark has access to the content of the emails, so we have a data processing agreement with Postmark.
Postmark complies with: SOC 1.
Wildbit LLC (Postmark's parent company) is affiliated with the EU-US Privacy Shield.
Read more about Postmark and data security.
Sub-processor — active data processing agreement
Tools from Solarwinds (Papertrail, Appoptics, and Pingdom) are used to aggregate and analyze error reports and log files from the website(s) and mobile applications for improving Keeping. Data sent to Solarwinds is pseudonymized.
Solarwinds complies with: SOC 2 Type II.
SolarWinds Corporation is affiliated with the EU-US Privacy Shield.
Read more about Solarwinds and data security.
Processor — active data processing agreement
Slack is used as an internal communication tool. Sharing personal data via Slack is minimized. However, as it may occasionally be necessary to use personal data for internal communication, we have a data processing agreement with Slack.
Slack complies with: ISO/IEC 27001, SOC 2, SOC 3.
Slack Technologies Inc. is affiliated with the EU-US Privacy Shield.
Read more about Slack and data security.
Processor — active data processing agreement
Do you pay for Keeping with a credit card? Then our payment partner Stripe will securely store this information.
Stripe complies with: PCI-DSS.
Stripe Inc. is affiliated with the EU-US Privacy Shield.
Read more about Stripe and data security.
Processor — active data processing agreement
Tideways is used to aggregate and analyze error reports and log files from the website(s) and application(s) to improve Keeping. Data sent to Tideways is pseudonymized.
Tideways GmbH is a German company, and is therefore fully subject to European regulations.
Read more about Tideways and data security.
Processor — active data processing agreement
Our servers are monitored by the technicians at Twisted Bytes. They ensure that servers perform optimally, are well-secured at the machine level, and immediately investigate any issues.
Twisted Bytes B.V. is a Dutch company, and is therefore fully subject to European regulations.
Read more about Twisted Bytes and data security.
For questions and/or feedback about this list you can contact us via: