Subprocessors Disclosure

The following tables list Kentik’s subprocessors that may process customer personal data in connection with Kentik platform services, as well as selected third party vendors that may be of interest to our customer base.

In order to satisfy the notification obligations in our DPA, Kentik will update this list promptly when engaging new subprocessors. Customers may subscribe to receive updates by sending an email to privacy@kentik.com with the subject “Subprocessor Subscription Request.” You can also subscribe via your preferred RSS reader at https://www.kentik.com/legal/subprocessors.xml or by using the following command in Slack:
/feed subscribe https://www.kentik.com/legal/subprocessors.xml.

Due diligence

Prior to use, Kentik evaluates the security, privacy, and confidentiality commitments of each vendor that may interact with sensitive data. This includes review of materials such as contractual commitments, data protection agreements, security audit reports, system documentation, and/or company privacy policies. For more information about our vendor and subprocessor due diligence procedures, please see our security whitepaper, trust center, or request a copy of our SOC 2 report.

Contractual safeguards

Kentik requires subprocessors to provide similar security, privacy, and confidentiality commitments relative to those Kentik offers to its own customers under the Kentik DPA. This includes requirements to:

  • Limit processing of personal data to documented instructions contained in contractual agreements and written communications.
  • Ensure personnel handling sensitive data are bound by confidentiality agreements and are vetted before handling sensitive data, including via background checks.
  • Prohibit the sale or sharing of sensitive information.
  • Implement and maintain appropriate technical, organizational, and procedural safeguards to ensure the confidentiality, availability, and integrity of data.
  • Comply with all relevant data protection laws and regulations.
  • Inform Kentik of any security incidents, breaches, or unauthorized disclosures.
  • Cooperate with reasonable requests or otherwise provide mechanisms to audit or assess the state of security practices.
  • Respond to legitimate data subject rights requests, including support for viewing, editing/correcting, deleting, and restricting processing of personal information.
  • Delete or return data at the conclusion of services, except as otherwise authorized or required by law.

Subprocessors

The following are declared subprocessors that may interact with production data, including personal data, in the normal course of business:

NameDescriptionUsed forHeadquarters
Amazon (AWS)Data center services- Data ingestion from customer AWS accounts410 Terry Avenue North, Seattle, WA 98109, US
Google Cloud (GCP)- Data center services
- AI-based product features
- Data ingestion from customer GCP accounts
- Offsite configuration backups
- AI features, when enabled (AI features are disabled by default and must be turned on by a highly-privileged admin)
1600 Amphitheatre Parkway Mountain View, CA 94043, US
Microsoft AzureData center services- Data ingestion from customer AWS accounts1 Microsoft Way, Redmond, WA 98052, US
PagerDutyTransactional email- Operational notifications600 Townsend St, Ste 200, San Francisco, CA 94103, US
PendoTransactional communications- Product analytics and customer feedback301 Hillsborough St, Raleigh, NC 27603, US
SendgridTransactional email- Product notifications1801 California Street, Suite 500. Denver, CO 80202, US
OpenAIAI-based product features- AI features, when enabled (AI features are disabled by default and must be turned on by a highly-privileged admin)3180 18th Street, San Francisco, CA 94110, US
ZendeskSupport ticketing- Product troubleshooting989 Market St., San Francisco, CA 94103, US

Service providers

The following vendors provide corporate services for Kentik that may have occasional or incidental exposure to customer personal data. Such exposure may be determined by customer communication practices and support needs.

NameDescriptionHeadquarters
Google Workspace- Corporate email
- Corporate file storage
- Multi-factor authentication
1600 Amphitheatre Parkway Mountain View, CA 94043, US
SlackTransactional communications500 Howard Street, San Francisco, CA 94105, US
SalesforceCustomer Relationship Management (CRM)415 Mission Street, San Francisco, CA 94105, US

The following vendors provide co-location facilities that host Kentik-owned servers underlying the Kentik platform. While our operations, physical security, and audit posture may rely on the performance of these vendors, they do not interact directly with customer production information and are not considered subprocessors according to the terms of our DPA:

NameDescriptionFacility Location
DeftCo-location facilityAshburn, VA or Frankfurt, Germany
EquinixCo-location facilityAshburn, VA
DatabankCo-location facilityAshburn, VA

Synthetics testing agents

In addition, Kentik also maintains a global network of synthetic testing agents from a variety of providers and locations designed to help customers evaluate routing, network, and application responsiveness for their systems. Customers may select Kentik-provided agents at their own discretion or may elect to deploy privately-hosted agents instead. Customers who are not subscribed to Kentik’s Synthetics monitoring services are not exposed to this feature. Kentik offers agents from a variety of common cloud providers to meet local preferences across our international customer base, including AWS, Google Cloud, Azure, IBM Cloud, Alibaba Cloud, and other hosting providers. To read more about our synthetic testing system, please see https://kb.kentik.com/v4/Ma01.htm.

Questions

If you have any questions about subprocessor use or wish to object to a specific subprocessor engagement, please contact us at privacy@kentik.com with legal@kentik.com cc’ed.

Last updated: 11/15/24

We use cookies to deliver our services.
By using our website, you agree to the use of cookies as described in our Privacy Policy.