Subprocessors and Security Notice
This Subprocessors and Security Notice explains how Recognage Technologies Limited uses subprocessors and protects customer data when providing Recognage Platform and related services.
This Notice is intended to support our Privacy Policy, Terms of Service, and Data Processing Agreement.
1. Purpose
Recognage provides software, AI, automation, data, infrastructure, cybersecurity, and organizational operating intelligence services.
To deliver these services securely and reliably, we may use trusted third-party service providers, vendors, infrastructure providers, and subprocessors.
2. What a Subprocessor Is
A subprocessor is a third party that processes personal data on behalf of Recognage in connection with providing services to our customers.
Subprocessors may support hosting, storage, authentication, analytics, monitoring, email delivery, support, security, payments, AI infrastructure, or other operational functions.
3. How We Select Subprocessors
Recognage aims to use subprocessors that provide appropriate security, confidentiality, reliability, and data protection commitments.
Before engaging subprocessors where personal data may be processed, we consider factors such as:
- service necessity;
- data categories involved;
- security practices;
- confidentiality commitments;
- location of processing;
- contractual protections;
- operational reliability;
- privacy and compliance posture.
4. Subprocessor Obligations
Recognage requires subprocessors that process personal data to protect that data under obligations that are appropriate to the nature of the processing.
These obligations may include:
- confidentiality;
- security safeguards;
- restricted use of data;
- incident notification;
- assistance with compliance requests;
- deletion or return of data where applicable;
- flow-down data protection obligations.
5. Subprocessor List
Recognage will maintain a list of subprocessors or make one available on request.
A future public subprocessor page may include:
- provider name;
- service purpose;
- processing location or region where available;
- data categories processed;
- service category.
Current subprocessor list: Available on request.
6. Subprocessor Changes
Recognage may add or replace subprocessors as the services evolve.
Where required by contract or applicable law, Recognage will provide notice of material subprocessor changes and allow customers to object on reasonable data protection grounds.
7. Security Program
Recognage uses reasonable technical and organizational measures designed to protect the confidentiality, integrity, and availability of customer data.
These may include:
- role-based access controls;
- authentication and authorization controls;
- access logging and audit trails;
- encryption where appropriate;
- secure development practices;
- infrastructure monitoring;
- vulnerability management;
- backup and recovery measures;
- incident response procedures;
- least-privilege access;
- confidentiality obligations for personnel;
- separation of customer workspaces where applicable;
- administrative controls for internal access.
8. Access Controls
Recognage limits access to customer data to authorized personnel, systems, and subprocessors that require access to provide, secure, support, or maintain the services.
Customers are responsible for configuring their own workspace access, roles, teams, permissions, and visibility settings.
9. Data Hosting and Transfers
Recognage may host or process data using cloud infrastructure or service providers located outside Tanzania, depending on service architecture and customer configuration.
Where required, Recognage uses appropriate contractual, organizational, and security safeguards for cross-border processing.
10. Incident Response
If Recognage becomes aware of a security incident or personal data breach affecting customer data, we will investigate and take appropriate steps to contain, mitigate, and remediate the issue.
Where required, we will notify affected customers without undue delay and provide information reasonably available at the time.
11. Customer Responsibilities
Customers are responsible for:
- managing user access and permissions;
- protecting account credentials;
- configuring workspace visibility and governance settings;
- reviewing connected integrations;
- ensuring submitted data is lawful and authorized;
- maintaining internal security policies and user training;
- promptly notifying Recognage of suspected misuse or unauthorized access.
12. AI and Model Processing
Recognage may use AI and automation providers to support platform functionality such as extraction, classification, structuring, reasoning, and analytics.
Recognage does not use Customer Data to train third-party foundation models unless expressly agreed to by the customer or permitted under the applicable agreement.
13. Security Requests
Customers may request reasonable security information about Recognage’s controls, subject to confidentiality, security limitations, and commercial reasonableness.
Security requests can be sent to:
14. Changes to this Notice
Recognage may update this Notice as our infrastructure, subprocessors, and security practices evolve.
15. Contact
Recognage Technologies Limited
Dar es Salaam, Tanzania
Email: legal@recognagetech.co.tz