Use of third-party data processors
The Product Security Catalog and SSA contains controls and requirements for the use of a third-party data processor in our service provision. This is typically third-party hosting providers, such as Amazon Web Services or Microsoft Azure, but can also be third parties we use for service monitoring, customer feedback and improvement or security purposes.
All third parties that process customer data and/or personal data, are registered, including verification that the purpose for processing and processing location are legitimate and authorised. (And specifically, any use of third-party data processors is checked against the Visma Software Terms of Service).
This process also determines if a data processing agreement is required, and if so, one is entered into with the third-party data processor.