top of page
CHANNEL CHASER 

ANNEX A - PUBLIC SUB-PROCESSOR REGISTER

Version: 1.0
Last Updated: 19/11/2025
Maintained By: Data Protection Officer
Email: policy@cairncoms.co.uk
Operator: Cairncom Communications Ltd (United Kingdom)

 

1. Introduction

This Sub-Processor Register lists all third-party service providers (“Sub-Processors”) engaged by Cairncom Communications Ltd (“Channel Chaser”, “we”, “us”) to support the delivery of the Channel Chaser SaaS platform.

A “Sub-Processor” is a third party that processes personal data on behalf of Channel Chaser for the purpose of providing services to our customers, in accordance with:

  • UK GDPR

  • EU GDPR

  • Data Protection Act 2018

  • CCPA/CPRA (Service Provider provisions)

We perform due diligence and maintain Data Processing Agreements (“DPAs”) with all Sub-Processors.

 

2. Current Sub-Processors

Below is the complete and up-to-date list of Sub-Processors used by Channel Chaser.

 

2.1 Platform Hosting & Infrastructure

Wix.com Ltd

Purpose:Website hosting, infrastructure, platform frontend, storage for UI components, cookie banner and web security tools.

Data Processed:

  • IP addresses

  • Device/browser metadata

  • Navigation logs

  • Form submission data (where applicable)

Location of Processing: EU / US (Region determined by Wix infrastructure routing)

Protections: SCCs, GDPR-compliant DPA, ISO 27001

 

2.2 Email, Communication & Productivity Services

Microsoft Corporation (Office 365 / Outlook / SharePoint / OneDrive)

Purpose: Email communication, file storage for support attachments, internal documentation and ticket handling.

Data Processed:

  • User emails

  • Names

  • Support files and attachments

  • Metadata included in support emails

  • Internal notes

Location of Processing: EU / UK / US (per Microsoft regional routing)

Protections: Microsoft Data Protection Addendum, SCCs, UK Addendum, ISO 27001

 

2.3 CRM Integrations (Optional)

These Sub-Processors process personal data only when a customer connects their CRM to Channel Chaser.

HubSpot, Inc.

Purpose:CRM synchronisation, deal pipeline updates, contact record management (when enabled by customer).

Data Processed:

  • Contact names

  • Email addresses

  • Reseller and partner records

  • Deal notes & updates

Location of Processing: US / EU (depending on customer’s HubSpot region)

Protections: SCCs, HubSpot DPA, SOC 2, ISO 27001

 

Zoho Corporation

Purpose: CRM synchronisation, deal automation, contact updates (when enabled by customer).

Data Processed:

  • CRM contact details

  • Deal updates

  • Reseller information

Location of Processing: US / EU / India (depending on customer’s Zoho region)

Protections: Zoho DPA, SCCs, ISO 27001

 

2.4 Analytics & Performance Monitoring

(Only active if enabled and consented by the user, depending on region)

Wix Analytics

Purpose: Website usage analytics, performance monitoring.
Data Processed:

  • Device identifiers

  • Page views

  • User session metrics

Location: EU / US
Protections: Wix DPA, SCCs

 

Optional Third-Party Analytics Tools

(e.g., Google Analytics — only if/when activated)


Purpose: Site and platform analytics.
Data Processed:

  • IP address

  • Device/browser data

  • Usage metrics

Location: Global
Protections: SCCs, consent-based activation (UK/EU)

2.5 Support Tools

(If chat widgets or ticketing tools are added in the future, they will appear here.)

Current Status:
Channel Chaser does not use third-party chat widgets or external support-ticket SaaS tools at this time.


Support is managed via Microsoft Office 365 (already listed).

 

3. International Data Transfers

Where Sub-Processors transfer data outside the UK/EU:

  • Standard Contractual Clauses (SCCs)

  • The UK International Data Transfer Addendum

  • Transfer Impact Assessments

  • Appropriate organisational and technical controls

…are all used to ensure lawful transfers.

 

4. Customer Notifications About Changes

We maintain this register to ensure transparency. Customers will be notified:

  • 30 days in advance of any new Sub-Processor being added, except where:

    • The Sub-Processor is optional and only activated by the customer

    • The Sub-Processor performs a strictly necessary function (e.g., security)

Notifications may be sent by email or posted on our website.

 

5. How Customers Can Object

If you object to a new Sub-Processor:

  1. Contact us at policy@cairncoms.co.uk within the notice period.

  2. We will work with you to find a reasonable alternative.

  3. If no alternative is available, you may suspend use of the relevant integration or terminate affected services as permitted by the Terms of Service.

 

6. Contact Information

For privacy or data protection queries:
policy@cairncoms.co.uk

 

bottom of page