We provide Spektrix on a Software as a Service (SaaS) basis. This means we look after the maintenance, development and day-to-day operations of our software. We know that our clients rely on our ability to safely and securely provide access to Spektrix 24/7 so that Spektrix is always available.
Over 450 clients entrust us with their data and we take looking after it extremely seriously. In our role as a Data Processor, we will only act on the instructions of our clients, who are Data Controllers, when processing data.
Further information on data protection and the roles of Data Controllers and Data Processors can be found here.
Where is my Spektrix database located?
The Spektrix system and your database of customer data are stored on Microsoft Azure, an industry leading hosting infrastructure. The Microsoft Azure data centres where Spektrix is located are within the EEA and UK. Our primary data storage and processing activity uses EEA data centres. Our disaster recovery infrastructure and some of our reporting processes use a UK data centre.
Spektrix will only process data on your instruction; for example, when you create or amend customer records in your system, process orders, run reports, or build Customer Lists for email campaigns. Your data will only ever be transferred between the UK and the EEA as part of providing our services, unless you instruct us to do otherwise.
TIP: Spektrix is certified under ISO27001:2022, also called IEC27001, the most recent standards for establishing, implementing, maintaining, and continually improving an information security management system. Take a look at our blog on Database Security for Non-Profits to learn more.
Who else processes data from my Spektrix system?
Third Parties
When using third party services that are integrated with your Spektrix system, data will be shared with them on your instruction. Third party services may include, but are not limited to, integrated email marketing platforms like dotdigital and card payment processing services like Opayo (formerly SagePay). The processing of data by these third party providers is governed by separate agreements you will have in place with them. For information on security and data storage by third parties that process data on your behalf, you can find more information on dotdigital here and on Opayo here, alternatively you can contact them directly.
Sub-processors
We work with a number of data sub-processors as part of delivering our services. These are service providers we have entered into contractual agreements with. You’ll find an up-to-date list of these sub-processors here.
We will always ensure that the agreements we have in place with sub-processors offer you no less protection than that set out in your agreement with us.
More information on third Parties and sub-processors can be found in your Spektrix Data Processing Agreement.
More information
You can find more information about our data security and privacy arrangements here.
***
If you would like to speak with us about our data storage and processing arrangements, please contact the Support, Training and Consultancy team.