The General Data Protection Regulation (EU) 2016/679 (GDPR) is a regulation in EU law on data protection and privacy in the European Union (EU) and the European Economic Area (EEA). More information available at GDPR website and GDPR.EU
Sprinkle data recognizes data protection and privacy are top priority for its customers and is committed to provide data protection and privacy required for customers bringing their data to Sprinkle.
What is Customer data?
Customer data is any information, including personal data, which is fetched using Sprinkle connectors, transformed and stored in Customer’s warehouse, and/or analyzed using Sprinkle BI tools.
What is the purpose of processing the Customer data?
Sprinkle services are provided for
- Moving data across different customer systems and transforming the data.
- Provide analytics on top of the data.
How does Sprinkle process the Customer data?
Sprinkle uses compute resources to fetch data from different connectors and store it in the customer’s warehouse. Sprinkle runs the queries for transformation or analytics on the customer’s data warehouse, and fetches output from customer’s storage for viewing and charting purposes.
Thus, customer data from the customer's warehouse is never stored in sprinkle infrastructure, other than loading it in memory. And customer data ingested through Sprinkle is never stored in Sprinkle infrastructure, for any datasource other than Webhooks. In case of webhook based ingestion, data is stored on sprinkle infrastructure, which gets promoted to customer’s storage every 5 minutes.
Sprinkle has an on-premise deployment option, which deploys Sprinkle infrastructure in the customer's environment itself.
Which third party processors are used to process the Customer data?
Sprinkle data uses cloud infrastructure for hosting its own infrastructure.
- Amazon, Inc. : AWS hosting environment
- Google, Inc. : Google cloud hosting environment
- Microsoft, Inc. : Azure hosting environment
- Cloudflare, Inc. : Hosting Secure endpoint and API
- Sendgrid, Inc. : Sending email notifications with analytics reports embedded
How is Sprinkle protecting the Customer data?
Our security guide outlines how customer data is protected at Sprinkle.
Who owns the control of the Customer data?
Customers who collect and store personal data are data controllers under GDPR. Sprinkle Data is the data processor. So, the customer has full control of the data in their organization/account.
How does GDPR apply to Customers?
Customers who collect and store personal data are data controllers under GDPR. Data controllers bear the primary responsibility for ensuring that their processing is compliant under the GDPR law.
How does Sprinkle support Customers with GDPR?
Sprinkle does not store any customer data on its infrastructure. Sprinkle data can help customers meet their obligations to demonstrate GDPR compliance as pertaining to Sprinkle Data services.
Does Sprinkle provide DPA for Customers?
Sprinkle provides its customers the Data Processing Agreement (DPA) upon request, which outlines our duties as a processor of Customer data. We will provide you with a signed DPA upon request, which you can contact us directly for, or email us at [email protected]
Personal data at Sprinkle
As mentioned, users can write to [email protected] to exercise their rights.
Which third party applications are used to process the personal data?
Sprinkle data uses the following third party applications for processing personal data :
- Zoho, Inc. : For email marketing activities
- Stripe, Inc. : For Credit card payments
- Google, Inc. (Google Analytics) : For tracking website traffic and visitors
- MixPanel, Inc. : For activity tracking on the product