Sprinklr's Subprocessors - Information for You
Thank you for visiting our subprocessor page. Here you will find lots of information about our practices for using, engaging and managing subprocessors, as part of our unique service offering. We are committed to the protection of your personal data, and ensuring transparency. To build trust with you, is as important to us, as it is to you.
Please subscribe to receive notice of changes to our subprocessors:
Using subprocessors for a great service experience
Like many tech providers, Sprinklr uses subprocessors because we want to offer the best possible products and services to you. There are some capabilities we want to offer you, but we may not manage them natively. Therefore, we engage trusted third parties who are experts at what they do, to help us make the products and services we give to you, even better.
Secure data sharing with trusted third parties
We understand that when you share data with us, you need to be mindful of and account for, onward data transfers, so you can maintain control over your data, and can comply with your regulatory obligations. We want you to have the information you need about Sprinklr's data sharing practices to help you understand the onward transfers of data and give you the comfort you need regarding the protections we put in place.
A commitment to transparency
The purpose of this page and our FAQs below is to provide you with some additional information so that you have a full understanding of who your data is shared with and why. If you have any additional questions, we are always happy to help. You can contact us at privacy@sprinklr.com.
Sprinklr uses certain trusted subprocessors (including affiliate entities within the Sprinklr group and other third parties listed below) to provide assistance in delivering Sprinklr’s unified customer experience platform to its customers with the best and most competitive functionality.
Sprinklr’s subprocessors may have access to limited customer data only for the purpose of delivering the services Sprinklr has retained them to provide, as part of the services Sprinklr delivers to its customers. Subprocessors are always contractually prohibited from using customer personal data for any purposes other than to support with providing the services to you. Subprocessors are not permitted to use customer data for their own purposes. Access to customer data is usually remote ancillary access, rather than a physical transfer (although remote access is still classed as a transfer for the purposes of data privacy law).
Sprinklr puts its subprocessors through a rigorous selection and due diligence process, with the support of its procurement, legal, security, privacy, and compliance teams. Sprinklr undertakes to use a commercially reasonable selection process by which it evaluates the security, privacy, and confidentiality practices of subprocessors that will or may have ancillary access to or process customer personal data.
Sprinklr enters into contracts with all subprocessors so as to ensure that subprocessors are committed to terms at least as restrictive as those we commit to with our customers. Sprinklr remains liable for the acts and omissions of its subprocessors to the extent that they relate to the provision of the services and in accordance with the limitations of liability in the MSA.
Even where hosting is provided in a specific region, there will still be access to customer data hosted in the platform from other regions. Sprinklr has carried out an assessment of the regions to which personal data is transferred, and customers can find details regarding that in our Whitepaper on International Data Transfers at Sprinklr.com/trust. Depending on a customer’s appetite for international transfers of data, there may be some subprocessors they choose to disable. Customers can work with their implementation consultants to disable certain subprocessors. However, this may have an impact on certain product features or functionality.
Sprinklr, as a SaaS solution, uses a variety of subprocessors across the globe to support with its unique product offering. Many of these subprocessors are product, feature, or service specific. Therefore, whilst the tables below comprise all the subprocessors Sprinklr engages, in the interests of transparency, there may be several subprocessors that are not relevant to the service Sprinklr provides for every customer. It is important that customers read the descriptions below to help them understand which subprocessors are applicable to their unique engagement with Sprinklr. As a customer’s engagement with the Sprinklr platform evolves, new subrpocessors may become relevant. If customers have any questions or concerns regarding the applicability of subprocessors to the products and services they are consuming, they should contact their implementation team or account team, or email privacy@sprinklr.com.
The below tables include all of Sprinklr’s subprocessors. They detail the purposes of sub-processing and the locations of Sprinklr’s subprocessors. As mentioned above, at this point in time, not all of these subprocessors may be relevant to the services being provided by Sprinklr, to every customer. However, to allow its customers to continue to scale and flex their use of the Sprinklr platform, and avoid the need to continually notify customers of changes as they do that, and prevent multiple contractual amendments, Sprinklr asks customers to agree to the engagement of all the below subprocessors, Subject to any specific provisions in a customer’s MSA or DPA, Sprinklr shall have its customers’ general authorization to engage any of the below subprocessors.
Sprinklr may change subprocessors from time to time. Whilst Sprinklr will use commercially reasonable efforts to notify all customers of changes by email, we ask that customers subscribe to our automated update service (see blue button at the top of this page) to be sure to receive notice of updates.
Sprinklr engages trusted third parties to perform limited and specific services to Sprinklr, which supports Sprinklr’s product and service offering to customers. These are categorised as follows:
In-product subprocessors: These subprocessors are inbuilt into the product suite, either through APIs or code. The applicability of these third-party subprocessors depends on the products or services the customer has purchased and the specific features they are leveraging, as noted below. There may be capacity to disable some of these subprocessors so that they are not integrated with and do not have access to customer data within the platform. However, this may impair product functionality. Please refer to the table below to see the potential impact of disablement.
AI/ML subprocessors: These subprocessors perform limited and specific services for customers who are instructing Sprinklr to build a custom AI model for them. They support with data labelling and tagging, annotating, translating, and language needs
Hosting subprocessors: These subprocessors host the Sprinklr platform in their cloud storage centres. Customer’s chosen data hosting location is indicated on their Order Form. If no hosting is specified it will default to U.S hosting. For customers who are engaging with PCI-DSS compliant features in Sprinklr, the processing of PCI data is facilitated through Amazon Web Services in the U.S.
Affiliates of Sprinklr: As a global organization, it may be that the Sprinklr personnel supporting your account are not all based in one location. Sprinklr engages its affiliates to perform activities in connection with the Sprinklr services such as consulting services, customer success management, solutions consulting, security and support, service maintenance (e.g., systems and software engineering, maintenance, troubleshooting), and technical support. The Sprinklr affiliates which may provide you with services are dependent on the location of your account team, the services purchased, the maintenance or support needs of your organisation, or the technical support required.
Implementation and managed service providers: These subprocessors are engaged to perform limited and specific activities to provide Sprinklr services to customers. The third party sub-processors which may provide customers with services are dependent on your onboarding or implementation needs and additional support you may require related to your use of the Sprinklr services. If applicable, the Statement of Work should include information about which implementation or managed service providers will support your account.
Sprinklr's Current Subprocessors
Last Updated: February 1, 2024
SPRINKLR AFFILIATES
Sprinklr Denmark ApS
Location: Denmark
Contact: privacy@sprinklr.com
Sprinklr France
Location: France
Contact: privacy@sprinklr.com
Sprinklr Germany GmbH
Location: Germany
Contact: privacy@sprinklr.com
Sprinklr Sprinklr Italia SRL
Location: Italy
Contact: privacy@sprinklr.com
Sprinklr Netherlands BV
Location: Amsterdam
Contact: privacy@sprinklr.com
Sprinklr Software Iberia S.L.
Location: Spain
Contact: privacy@sprinklr.com
Sprinklr Switzerland GmbH
Location: Switzerland
Contact: privacy@sprinklr.com
Unified XM AB Sweden
Location: Sweden
Contact: privacy@sprinklr.com
Sprinklr UK Limited
Location: UK
Contact: privacy@sprinklr.com
Sprinklr India Private Limited
Location: India
Contact: privacy@sprinklr.com
Sprinklr Australia Pty. Ltd
Location: Australia
Contact: privacy@sprinklr.com
Sprinklr Singapore PTE. Ltd.
Location: Singapore
Contact: privacy@sprinklr.com
Sprinklr Korea LLC
Location: Korea
Contact: privacy@sprinklr.com
Sprinklr Hong Kong
Location: Hong Kong
Contact: privacy@sprinklr.com
Sprinklr Japan K.K
Location: Japan
Contact: privacy@sprinklr.com
Sprinklr Middle East
Location: UAE
Contact: privacy@sprinklr.com
Sprinklr Brasil Ltda.
Location: Brazil
Contact: privacy@sprinklr.com
Sprinklr Canada Inc.
Location: Canada
Contact: privacy@sprinklr.com
Sprinklr Doha QFC Branch
Location: Qatar
Contact: privacy@sprinklr.com
Sprinklr Inc.
Location: US
Contact: privacy@sprinklr.com
HOSTING SUBPROCESSORS
Amazon Web Services, Inc.
Location: USA
Contact: Contact Form
Google LLC
Location: USA
Contact: Contact Form
Microsoft Corporation
Location: EU
Contact: Contact Form
*For customers who are engaging with PCI-DSS compliant features in Sprinklr, the processing of PCI data is facilitated through Amazon Web Services.
IMPLEMENTATION AND MANAGED SERVICES SUBPROCESSORS
Accenture International Limited (and any affiliates)
Location: Global (depending on customer location)
Contact: dataprivacyofficer@accenture.com
Allant Group LLC
Location: US
Contact: privacy@allantgroup.com
Cleargoals
Location: US
Contact: backoffice@cleargoals.com
Deloitte Consulting LLP (and any affiliates)
Location: Global (depending on customer location)
Contact: usprivacyquestions@deloitte.com
E-Contact
Location: US/South America
Contact: info@e-contact.cx
FKTR Digital LLC
Location: US
Contact: privacy@fktrdigital.com
HGS Digital LLC
Location: US
Contact: privacy@teamhgs.com
Infinit.cx
Location: US
Contact: info@infinit.cx
IST
Location: UAE, Egypt, KSA
Contact: enquiries@istnetworks.com
Kinship Digital Pty Ltd.
Location: US/Australia
Contact: Online Form
Premium Blend Consulting
Location: US
Contact: info@premium-blend.com
SMT
Location: Brazil
Contact: Online Form
Systems Arabia
Location: KSA
Contact: Online Form
Tech Mahindra
Location: Germany
Contact: dpo@techmahindra.com
Touchflows
Location: France
Contact: contact@touchflows.com
Trellist
Location: US
Contact: info@trellist.com
Watch and Act
Location: Spain and Portugal
Contact: info@watchandact.eu
Workrails
Location: Spain and Portugal
Contact: info@workrails.com
IN-PRODUCT SUBPROCESSORS
Cloudinary
Location: US
Contact: privacy@cloudinary.com
Shakr, Inc.
Location: US
Contact: hello@sha.kr
OzoneTel
Location: US/India
Contact: sales@ozonetel.com
Twilio, Inc.
Location: US
Contact: privacy@twilio.com
SignalWire
Location: US
Contact: dpo@signalwire/.com
Name: WalkMe
Location: US/EU
Contact: privacy@walkme.com
SendGrid
Location: US
Contact: privacy@twilio.com
AWS Translate
Location: US
Contact: Contact Form
Amazon Chime
Location: US
Contact: Contact Form
Google Products (Fonts and Translate)
Location: US
Contact: Contact Form
Google Vertex
Location: US
Contact: Contact Form
OpenAI
Location: US
Contact: legal@openai.com
OpenAI Azure
Location: US/EU
Contact: Contact Form
Embedly
Location: US
Contact: Contact Form
AI/ML SUBPROCESSORS
GFactors (OPC) Private Limited
Location: India
Contact: admin@gfactors.co.in
Mayflower Language Service Private Limited
Location: India
Contact: office@summalinguae.com
Scriptoniq
Location: India
Contact: info@scriptoniq.com
Zuru Services LLP
Location: India
Contact: connect@zuruservices.com
OpenAI
Location: US
Contact: legal@openai.com
In-product subprocessors - Read More
AI/ML subprocessors - Read More
Hosting subprocessors - Read More
Affiliates of Sprinklr - Read More
Implementation and managed service providers - Read More
Sprinklr is committed to the security of its platform, and the security of our customers’ personal data is a priority. We invest in a number of tools to promote enterprise wide security. These tools may have limited access to customer personal data. However, any personal data processed by our security vendors will be incidental to the service they are providing to Sprinklr, rather than part of the service Sprinklr is providing to its customers.
Sprinklr may update this list from time to time, and customers should subscribe to receive updates of that notice using the link above. Customers should receive notice of any changes to this list at least 30 days in advance of Sprinklr granting access to customer’s personal data to a new subprocessor (except for emergency replacements, which are sudden replacement of subprocessor where such change is outside of Sprinklr’s reasonable control, such as if the Sub-processor ceases business, abruptly discontinues services, or breaches its contractual duties). In the case of an emergency replacement, Sprinklr will inform customers of the replacement subprocessor as soon as possible and the process to formally appoint such subprocessor defined above shall be triggered.
If, after receiving notice, customers have a legitimate, material reason to object to Sprinklr’s use of a subprocessor, notice of the objection should be provided to Sprinklr via email at privacy@sprinklr.com within fifteen (15) days after receipt of Sprinklr’s notice. If there is an objection to a subprocessor, Sprinklr can cure the objection by: (i) aborting its plans to use the subprocessor with regard to that customer’s personal data; or (ii) taking corrective steps by in to address the issue and remove the objection and proceed to use the subprocessor; or (iii) ceasing to provide, or customer may agree not to use, (temporarily or permanently), the particular aspect of the service that would involve use of the subprocessor. If there is no objection, the subprocessor will be considered agreed to by the customer in accordance with our data protection agreements.
For additional information and FAQs - click here