Data processing & subprocessors
This page is a starter summary for UK GDPR diligence. Customer and engineer relationships may be controller, processor, or joint controller depending on the agreement — your counsel must confirm. Executed terms prevail over this page.
UK GDPR
Riggr processes personal data in line with UK GDPR. [Insert legal entity name, company number, registered address.]
Subprocessors
We use subprocessors for hosting, communications, and business tools (e.g. finance integrations). A current list is available on request and updated when we add or replace material subprocessors per our DPA.
International transfers
Where data leaves the UK, we use appropriate safeguards (e.g. UK IDTA / Addendum) as required. [Map your stack — if you target UK-only, document exceptions.]
Data processing agreement (DPA)
Riggr offers a customer DPA for executed commercial agreements. Request via contact or your account lead.
Special category and criminal offence data
If your programme involves health, criminal records, or other special-category processing, this must be explicitly scoped in your agreement and privacy notices — do not rely on this marketing summary.
Have your counsel review before relying on this page. Link from the trust hub for enterprise buyers.