Sub-processors
Last updated on February, 2024
About Cypress
Cypress is the new standard in front-end testing that every developer and QA engineer needs.
With millions of downloads and users in over 90 countries, Cypress is the leader in browser based test automation for the modern web. Cypress enables developers and enterprises to easily, quickly and accurately test anything that runs in the browser, empowering developers to build modern web applications faster, better.
Article 28 GDPR: sub-processor requirements
In accordance with article 28 of GDPR, Cypress follows all required obligations, including notifying Cypress’s customers (data controllers) of its existing sub-processors, as well as any changes to its sub-processor list as required.
What is a sub-processor
A sub-processor is a third-party engaged by Cypress, who has access to, or processes customer data (which may contain personal data) to assist Cypress in providing services to its customers. The listing below provides a brief description of each sub-processor.
Due diligence
Cypress undertakes the use of a commercially reasonable selection process by which it evaluates the security, privacy and confidentiality of practices of proposed sub-processors that will or may have access to, or process customer data. Cypress performs enhanced security assessments prior to onboarding new sub-processors as well as annually thereafter to ensure continued compliance.
How we share your personal information
Cypress requires all sub-processors to satisfy equivalent obligations as those required of Cypress (as a data processor), including but not limited to:
Process personal data in accordance with data controllers' documented instructions
Provide regular security and data protection training to employees with access to customer data
Implement and maintain appropriate technical and organization safeguards to help ensure data security and privacy
Cypress to perform regular assessments of its sub-processors during onboarding and annually thereafter
Sub-processors to inform Cypress of any suspected/actual breaches and cooperate in any investigations that may rise as a result
Follow the current list of sub-processors via the RSS feed
| Application services / hosting | Location |
|---|---|
| Altinity | U.S. |
| Amazon Web Services | U.S. |
| Auth0 | U.S. |
| Browserstack | U.S. |
| Clickhouse Cloud | U.S. |
| Metabase | U.S. |
| Redis | U.S. |
| Customer support / sales operations / ticketing | Location |
|---|---|
| Atlassian | U.S. |
| GitHub | U.S. |
| Goldcast | U.S. |
| Outreach | U.S. |
| Salesforce cloud services | U.S. |
| SendGrid | U.S. |
| Zendesk | U.S. |
| Data analytics | Location |
|---|---|
| Castor | U.S. |
| Clearbit | U.S. |
| dbt | U.S. |
| FullStory | U.S. |
| Hex | U.S. |
| Hightouch | U.S. |
| Hubspot | U.S. |
| Metabase | U.S. |
| Snowflake | U.S. |
| StitchData | U.S. |
Note: This document is not legally binding between Cypress and its customers. This document is only to provide a list of subprocessors, who may process/store/access customer data.