GDPR FAQ
Does Wiraya have a Data Processing Agreement (DPA)?
Yes. A DPA is a standard part of our agreement with our customers. It covers the relevant GDPR requirements related to our services.
Does Wiraya have a Data Protection Officer (DPO)?
Yes. To reach our DPO, please send an email to compliance@wiraya.com.
Where is the data stored?
Wiraya’s production infrastructure is hosted in Frankfurt, Germany, and customer data is not transferred to any other country for storage.
Is the data transferred outside of the EU?
No.
By using services by Wiraya, am I affected by the Schrems II verdict?
No. Wiraya does not transfer customer data to a third country. Customer data is stored within the EU.
Is there a procedure to remove PII data?
Yes. Personal data is automatically removed after 120 days by default. This retention period can be adjusted based on your needs.
What kind of PII data is necessary for Wiraya?
We always strive to handle as little personal data as possible. In most cases, we only need the phone number of the customer we are communicating with, and no additional personal data is required.
Does Wiraya use sub-processors?
Yes. Wiraya uses a limited number of sub-processors to deliver its services, including hosting, SMS delivery, voice connectivity, and data enrichment. We have data processing agreements in place with relevant sub-processors. An overview of the current sub-processors is provided below.
Is Wiraya the Data Controller or the Data Processor?
When providing the services, Wiraya processes personal data on behalf of the client and acts as a Data Processor.
Does Wiraya come with a Service Level Agreement (SLA)?
Yes. We monitor the performance of our services 24/7, and our SLA is included as part of the standard Wiraya agreement.
Sub-processors
Security and proper handling of personal data are important to us. To provide our services, we rely on a limited number of trusted sub-processors for areas such as infrastructure, SMS, voice, and related support services. Below you can find an overview of the sub-processors we use and where data processing takes place.
| Service and supplier | Description of data processing activity | Location of data processing |
|---|---|---|
|
Amazon Web Services EMEA SARL
CR B 186284
38 Avenue John F Kennedy, L-1855 Luxembourg |
Hosting for the Wiraya Platform. | Germany |
|
GlobalConnect AB
Org. nr. 556597-6122
Pastellvägen 15, 121 36 Johanneshov, Sweden |
Sending SMS:
Connects an individual SMS with an individual customer (phone) and delivers the content of the SMS. Data is transferred using secure API calls.
Phone calls:
Connects an individual voice call with an individual customer (phone) and delivers the pre-recorded content to the customer. Data is transferred using secure API calls. |
Sweden, Denmark, Norway, Germany |
|
Infobip Ltd.
CR 7085757
5th floor, 86 Jermyn Street, SW1Y 6AW, London, United Kingdom |
Sending SMS:
Connects an individual SMS with an individual customer (phone) and delivers the content of the SMS. Data is transferred using secure API calls.
Phone calls:
Connects an individual voice call with an individual customer (phone) and delivers the pre-recorded content to the customer. Data is transferred using secure API calls. |
Germany |
|
Marknadsinformation i Sverige AB
Org.nr. 556672-0750
Sundbybergs Torg 1H, 7tr, 172 67 Sundbyberg, Sweden |
Enrichment of phone numbers. Only carried out when explicitly requested. | Sweden |
|
MessageBird B.V.
CR 51874474
Trompenburgstraat 2C, 1079 TX Amsterdam, The Netherlands |
Sending SMS:
Connects an individual SMS with an individual customer (phone) and delivers the content of the SMS. Data is transferred using secure API calls. |
The Netherlands and Belgium |
|
Sinch AB
Org. nr. 556969-5397
Lindhagensgatan 74, 112 18 Stockholm, Sweden |
Sending SMS:
Connects an individual SMS with an individual customer (phone) and delivers the content of the SMS. Data is transferred using secure API calls.
Phone calls:
Connects an individual voice call with an individual customer (phone) and delivers the pre-recorded content to the customer. Data is transferred using secure API calls. |
Sweden, Ireland, Germany |
|
OnlineCity.io ApS
DK27364276
Buchwaldsgade 50, 5000 Odense C |
Sending SMS:
Connects an individual SMS with an individual customer (phone) and delivers the content of the SMS. Data is transferred using secure API calls. |
Belgium, Ireland, Denmark, The Netherlands, Finland |