
Subprocessor

A third party engaged by a data processor to carry out processing activities on behalf of the controller.

Under GDPR, a processor may only engage a subprocessor with the prior written authorization of the controller, and must flow down the same data protection obligations to the subprocessor that apply to the processor. Controllers typically provide "general authorization" for subprocessors, requiring only notification when subprocessors are added or changed, with a right to object to new subprocessors.

Subprocessor management has become a significant compliance function as cloud services involve complex chains of vendors. A SaaS company may use cloud infrastructure (AWS/GCP/Azure), email delivery (SendGrid), CRM (Salesforce), support ticketing (Zendesk), and analytics platforms — each of which may be a subprocessor with access to personal data. Subprocessor lists must be maintained, shared with customers, and updated when vendors change. Document intelligence helps data protection officers track subprocessor lists across customer DPAs, identify unauthorized subprocessors, and verify that subprocessor changes have been properly notified.
