top of page

Subprocessors

Effective starting: 12 September 2025

 

To support the delivery of the Drova services, Drova Pty Limited and its related entities (Drova, we, us, or our) engage certain third-party service providers (Subprocessors) that may process Content Data on our behalf. This page outlines the identity, location, and function of each Subprocessor. Capitalised terms used but not defined herein have the meaning assigned to them in the Drova Customer Agreement or other applicable agreement with Drova (the “Agreement”).

 

 

Third Parties

 

Before engaging any Subprocessor, Drova undertakes a robust vendor assessment process to evaluate their data privacy, security, and confidentiality standards. We execute written agreements that impose data protection obligations on Subprocessors that are no less protective than those in our Agreement.

 

We’ve categorised the subprocessors by their roles to give you clearer insight into how these services interact with your data.

 

 

Infrastructure Subprocessors – Service Data Storage

 

These subprocessors provide the primary cloud hosting or platform environment for Drova Services. These are secure environments that are controlled by the Drova team and are protected by Data Processing Agreements.

 

Entity: Amazon Web Services, Inc.

Purpose: Cloud Service Provider

Entity Country: United States

 

Entity: Google Cloud

Purpose: Cloud Service Provider

Entity Country: United States

 

Entity: JumpCloud

Purpose: Identity, device and access management

Entity Country: United States

 

Entity: Microsoft Corporation (Microsoft Azure)

Purpose: Cloud Service Provider

Entity Country: United States

 

 

Service Specific Subprocessors – Core Functionalities

 

Drova works with other third-parties to provide specific functions or features within the Service. These providers may have access to relevant personal information (both in an identifiable and anonymous manner) in order to provide their relevant functions.

 

Entity: Auth0

Purpose: Identity Management

Entity Country: United States

 

Entity: Atlassian Corporation Plc.

Purpose: Project Development (Jira), Corporate Wiki (Confluence), Source Code Repository (BitBucket)

Entity Country: Australia

Entity: Azure OpenAI (Microsoft) 

Purpose: Generate recommendations for Impacts, Risks and Opportunities

Entity Country: United States

 

Entity: CrowdStrike

Purpose: Threat Detection & Endpoint Protection

Entity Country: United States

 

Entity: Cypress.io

Purpose: Product Quality Assurance (PQA) Testing

Entity Country: United States

 

Entity: Kong

Purpose: API Gateway

Entity Country: United States

 

Entity: LaunchDarkly

Purpose: Feature Flags

Entity Country: United States

 

Entity: New Relic

Purpose: Application Monitoring

Entity Country: United States

Entity: Posthog, Inc
Purpose: Product Analytics
Entity Country: Germany

 

Entity: Relevance AI

Purpose: AI Workforce Platform – AI Agent Automation

Entity Country: Australia

 

Entity: Segment, Inc.

Purpose: Customer & Product Analytics

Entity Country: United States

 

Entity: Sendgrid

Purpose: Email Notification Services

Entity Country: United States

 

Entity: Snyk

Purpose: Code Security

Entity Country: United States

 

Entity: SonarCloud

Purpose: Code Quality

Entity Country: Switzerland

 

Entity: Syncfusion

Purpose: Developer control suites (Bold Bi & Bold reports)

Entity Country: United States

 

Entity: Tavily

Purpose: AI-powered Search & Context Enrichment

Entity Country: United States

 

Entity: Xero

Purpose: Billing and Payment Collection Services

Entity Country: New Zealand & United Kingdom
 

Entity: Zoho

Purpose: Customer Relationship Management (CRM)

Entity Country: Israel

 

Marketing & Communication Tools

 

Used for outreach, advertising, and internal collaboration.

 

Entity: Apollo.io

Purpose: Sales Intelligence & Prospecting Tools

Entity Country: United States

 

Entity: Aircall

Purpose: VoIP & Call Recordings

Entity Country: France

 

Entity: Braze

Purpose: Marketing Automation

Entity Country: United States

Entity: HeyReach

Purpose: Automated LinkedIn Outreach & Messaging

Entity Country: Estonia

 

Entity: LinkedIn Corporation

Purpose: Advertising, Retargeting and Brand Awareness

Entity Country: United States

 

Entity: OpenAI

Purpose: Data enrichment 

Entity Country: United Kingdom

 

Entity: Slack Technologies, LLC

Purpose: Internal Communication Platform

Entity Country: United States 

Entity: Unbounce

Purpose: Landing Pages & Conversion Tracking

Entity Country: Canada

 

Entity: Wix.com

Purpose: Web Hosting and Forms

Entity Country: Israel

 

 

Add-on Integrations (Optional Third Party Integrations)

 

The following subprocessors are third-parties that we offer optional integrations with. Relevant customer data and personal information may be shared with these services or from these services as part of delivering the wider Drova services. These third-parties are initiated and managed by you.

 

Entity: LexisNexis Regulatory Compliance

Purpose: Real-time Regulatory Content Feed & Updates

Entity Country: Australia / United Kingdom

 

Entity: Workato, Inc.

Purpose: Workflow Automation & Integration Platform

Entity Country: United States

 

Note: Content Data refers to any data or content that users submit or upload into the Drova platform and which is processed or stored by Drova in accordance with the Agreement.

Subscribe to our newsletter

© 2024 Drova Pty Ltd. All rights reserved.

Privacy Policy

  • Instagram
  • Facebook
  • X
  • LinkedIn
  • YouTube
  • TikTok
bottom of page