Using Enalyzer involves the engagement of certain sub-processors. The specific sub-processors applicable to an individual customer depend on how the platform is used. Microsoft Azure serves as the underlying infrastructure for the entire Enalyzer platform and is therefore a required sub-processor. For more information, see Appendix 5 in the Data Processing Agreement.
Microsoft Azure as Sub-processor
At Enalyzer, we take data security and compliance seriously. To provide our services reliably and securely, we utilize Microsoft Azure as a trusted sub-processor for hosting and processing data on our platforms.
Microsoft Azure is recognized globally for its robust security, compliance, and privacy standards. It maintains multiple international certifications (including ISO/IEC 27001, SOC 2, and more) and operates in line with the principles outlined in Microsoft’s Trust Center. This ensures that any customer data processed via our SaaS solutions benefits from enterprise-grade security and best-in-class data management.
Partnership with ADDvision
We collaborate with ADDvision as our trusted operations partner. They are responsible for the ongoing monitoring of our systems hosted in Microsoft Azure, including performance, uptime, and security oversight. In addition to their operational responsibilities, ADDvision serves as a strategic advisor, supporting the daily management and continuous development of our SaaS platform.
In collaboration ADDvision, we guarantee that all customer data is hosted exclusively within the EU. Specifically, data is stored in Microsoft Azure’s geo-redundant data centers in:
- North Europe (Dublin, Ireland)
- West Europe (Amsterdam, Netherlands)
This setup ensures high availability, disaster recovery, and compliance with EU data sovereignty laws. ADDvision enforces strict Azure policies that prevent any deployment of resources outside these approved EU regions, as detailed in the attached Data Location Statement.
Audit
We conduct annual audits of Microsoft Azure’s security and compliance posture as part of our internal controls and risk management processes. This is documented in our Audit Report. This independent audit verifies that our control environment — including the security and privacy measures connected to Azure — is designed and operating effectively throughout the reporting period.
Customer Lockbox
We have enabled Microsoft Azure’s Customer Lockbox feature. This ensures that even in exceptional cases where Microsoft engineers need to access customer data for support purposes, explicit approval from Enalyzer is required beforehand.
EU Data Boundary
Microsoft has completed its EU Data Boundary. This commitment ensures that personal data of EU-based customers remains and is processed within the EU, strengthening our compliance with European data protection standards.
Data Guardian adds an extra layer of assurance by ensuring that only Microsoft personnel residing in Europe control and oversee remote access to systems handling your data. Any access by engineers outside Europe is subject to real-time approval and monitoring by EU-based staff and is logged in a tamper-evident ledger.
Sub-processors
Microsoft Azure may rely on select sub-processors to deliver its cloud services. In line with our Data Processing Agreements, we closely monitor Microsoft’s list of sub-processors on a monthly basis to ensure continued compliance and transparency. You can learn more about their approach here.
Microsoft’s list of sub-processors is comprehensive. For the services Microsoft Azure delivers to Enalyzer the underneath sub-processors are used:
Akamai Technologies, Inc
Redis, Inc.
Arkose Labs, Inc.
Scuba Analytics, Inc.