Secure Code Warrior has made information security and data privacy foundational principles of everything we do, and we recognize the importance of adhering to all international laws and regulations that apply to our processing of personal data.
To that end, we ensure that all of our policies, processes and procedures meet the requirements of the European General Data Protection Regulation (‘GDPR’) - the most robust data privacy regime in the world - regardless of where our customers are based, while monitoring and adapting to international developments that go beyond the GDPR when necessary.
Secure Code Warrior is committed to safeguarding our information assets, and those of our customers, against misuse, abuse or compromise. Read our Security and Privacy FAQ and Whitepaper for more detail.
Depending on your relationship with us, we may process personal data as either a ‘processor’ or ‘controller’.
Secure Code Warrior is a processor with regard to the personal data that we process on behalf of our customers (acting as a controller) to provide our products and/or services (‘customer data’).
By necessity, we are an independent controller when we process personal data on our own behalf and for our own business purposes (‘SCW data’). For example, when we use data analytics to improve our services or we have your consent to send marketing messages to you.
For the purposes of the California Consumer Privacy Act (‘CCPA’), processor is equivalent to the term ‘service provider’, but we do not meet the threshold to be considered a ‘business’ under the same act.
We have an international Data Processing Addendum (‘DPA’) that is tailored to our services and role as a processor of customer data.
Our DPA includes Standard Contractual Clauses (‘SCCs’) to safeguard transfers from the EU/EEA and UK to countries or territories not recognised under applicable data protection law as providing an adequate level of protection for personal data (‘third countries’).
Please read our International Data Transfer page for more information about how we safeguard international data transfers.
As a processor, Secure Code Warrior further engages third-parties who process customer data to help us provide our products and/or services (‘sub-processors’). For more information about our sub-processors and our due diligence process, please refer to our list of sub-processors.