Our agreement with You
When providing our services you are the Data Controller and we are the Data Processor. From time to time we use subcontractors (called Sub-Processors) to help us provide our services.
This webpage explains the Sub-Processors we use and how they help us provide our services. We’ve created this page to be as transparent as possible with our customers and help them comply with their own requirements under data protection laws around the world.
If you are in the European Union and your organisation needs us to sign a DPA in order to meet your regulatory requirements, please email privacy@realvnc.com and we will send you our standard DPA.
Please keep in mind that this webpage does not give You any additional rights or advice, and should not be construed as a binding agreement.
Protecting Your Personal Data
Sub-Processor selection: We evaluate the security practices of all the Sub-Processors we work with to ensure they have acceptable security, privacy and confidentiality practices in place to offer an equivalent level of protection for Personal Data as we have agreed with you in the DPA.
Sub-Processor Contracts: The terms of our contracts with our Sub-Processors offer an equivalent level of protection for Personal Data as those in our DPA, including but not limited to the requirements to:
- Process Personal Data in accordance with your documented instructions as communicated in writing to the Sub-Processor by us (unless those instructions would breach Data Protection Law).
- Ensure the personnel engaged to process the Personal Data are aware of their obligations under Data Protection Law and are contractually bound to adhere to Data Protection Law.
- Implement and maintain appropriate technical and organisational measures to protect Personal Data.
- Promptly inform us of any actual or potential security breach.
- Cooperate with us to respond to requests from data subjects or data protection authorities on your instructions.
- Assist you in meeting your GDPR obligations in relation to the security of processing, the notification of personal data breaches and data protection impact assessments.
Updates to the list of Sub-Processors
The list of organisations we use to help us run our business may be updated by us from time to time. To receive notifications of updates to this webpage click “Follow” at the top of the policy.
As per the DPA, we will give 14-days’ notice for you to reasonably object to your Personal Data being processed by the proposed changes to our sub-processors list. The following table gives the name, reason for processing, the type of change (removal or addition), and an inclusive effective date of the proposed changes. After the inclusive effective period, and following no reasonable grounds for objection, we will process your Personal Data with the amended list of Sub-Processors.
Please refer to the terms of your DPA with us for information on your right to object to the processing of Personal Data by a new Sub-Processor.
| Proposed additional sub-processor | Purpose of processing Personal Data | Type of change | Effective date |
Our Sub-Processors (last updated on 29 October 2020)
Our current Sub-Processors that we engage to help us provide our services are:
| Sub-Processor | Purpose of processing Personal Data | RealVNC Division |
|---|---|---|
| Microsoft (Azure) One Microsoft Way Redmond WA, 98052 US |
Service processing to message new subscribers. | RealVNC Connect |
| NTT 2nd Floor 1 King William Street London EC4N 7AR UK |
Internet connectivity - server co-location (US, UK). | RealVNC Connect |
| Telstra 110 Southwark St London SE1 0TA UK |
Internet connectivity - server co-location (UK). | RealVNC Connect |
Our Processors (last updated on 11th September 2025)
Our current processors that we use internally to help us operate our business, such as managing our customer relationships and helping us understand how our services are used, where RealVNC is the Data Controller, are:
| Processor | Purpose of processing Personal Data | RealVNC Division |
|---|---|---|
| Amazon Web Services, Inc. | Transactional emails, content delivery and DNS services. | RealVNC Connect |
| APIVoid | Email reputation checking for fraud prevention | RealVNC Connect |
| Braintree | Payment processing | RealVNC Connect |
| Cloudflare, Inc | Content delivery and web application security on our website and RealVNC Connect and RealVNC Developer portals | RealVNC Connect |
| Conveyor, Inc. | Customer trust platform (trust.realvnc.com) | RealVNC Connect RealVNC business systems |
| Crescendo AI | AI Bot for Support, Customer Services and Sales (voice, chat, email) | RealVNC Connect |
| Lift.AI | Website visitor business intelligence | RealVNC Connect |
| PartnerHero | Custromer support services | RealVNC Connect |
| Gainsight | Customer Success and Product Experience Software | RealVNC Connect |
| GoCardless | Payment processing | RealVNC Connect |
| Google Analytics | Website analytics. | RealVNC Connect |
| Google BigQuery | Enterprise Data Warehouse for Business Intelligence | RealVNC Connect |
| Hubspot | Marketing system and managing customer correspondence. | RealVNC Connect |
| Mailchimp (Mandrill) | Sending transactional emails. | RealVNC Connect |
| OneTrust | Cookie preference management | RealVNC Connect |
| Outreach.io | Sales system used for managing customer correspondence, call recording and AI call transcription and analysis | RealVNC Connect |
| RelianceCyber | Cyber Security Services | RealVNC Connect RealVNC business systems |
| Salesforce (EU tenant) | Customer relationship management. | RealVNC Connect |
| SurveyMonkey | Customer surveys. | RealVNC Connect |
| Talend (Stitch) | Data extraction for business intelligence. | RealVNC business systems |
| Unbounce | Website Popups | RealVNC Connect |
| VWO | Trigger and track A/B split tests | RealVNC Connect |
| Zendesk | Customer support system, including the recording of phone calls. | RealVNC Connect |
| Zuora, Inc. | Subscription management and financial reporting. | RealVNC Connect |
Comments
Article is closed for comments.