How leaders can prepare for the AI revolution: Get the report

Data Processors

Data Processors, Sub-Processors and Suppliers

Data Processors, Sub-Processors and Suppliers

We have listed the third party processors, suppliers and sub-processors we currently work with. We ensure we have a written contract in place with any third party processor we use to ensure that the processor only acts on our written instruction, that we are confident in the security of the data we have shared, and that we can perform audits and inspections to ensure that the data we share with them is secure and they are compliant with relevant data protection laws. These third party service providers are required not to use your Personal Data other than to provide the services requested by us.

These suppliers and sub-processors include:

  • Freshdesk (Freshworks Inc.), a customer support software used to communicate with users and track queries to ensure they are resolved. Data location: United States.
  • Amazon Web Services, Inc. (AWS), a subsidiary of Amazon.com, Inc which provides our cloud computing services. Data location: United Kingdom.
  • Customer.io, a service that allows us to send emails and SMS messages to you based on customer segments, for managing your Multiverse application and marketing purposes. Data location: United States.
  • G Suite and Google Cloud Platform (Google Group), which provides cloud computing, productivity and collaboration tools, software and products to us. Data location: European Union.
  • Typeform (Typeform S.L), an online form service we use to collect information from our users, suppliers and employers. Data location: European Union .
  • Meta Platforms, Inc, a social network and advertising platform that allows us to communicate with you and advertise to prospective candidates. Data location: United States.
  • Cognassist (e-Quality Learning Limited), a service developed to enable us to identify and support apprentices with additional learning needs. Data location: United Kingdom, and registered with the Information Commissioner’s Office under the UK Data Protection Act (no. ZA148727). Reason for processing: Legitimate interest of Cognassist to perform assessment and then ongoing support to apprentices on behalf of the Training Provider. Name needed to identify outcome of the report with the individual. Date of birth needed to inform assessment outcome based on age. Email and mobile phone number is collected to enable Cognassist to contact individuals to provide further support following assessment. Postcode is collected because Cognassist are trying to build up national profiles for their research into learning needs.
  • iPEGS Limited (MiPEGS service), a service that allows us to collect information and data from you through digital forms that you complete electronically. Data location: United Kingdom, and registered with the Information Commissioner’s Office under the UK Data Protection Act (no. ZA166460). Reasons for processing: Legal obligation with the Education and Skills Funding Agency.
  • The Education and Skills Funding Agency, the executive government agency of the UK Department for Education, with which we share learner data in accordance with the terms and conditions of funding imposed on providers of learning and our legal obligation as a training provider. Data location: United Kingdom, and registered with the Information Commissioner’s Office under the UK Data Protection Act (no. Z1001723).
  • Pellcomp Software Ltd, the provider of the PICS learner management system that we use to manage learner data once an apprentice starts an apprenticeship, and for financial management services. Data location: United Kingdom, and registered with the Information Commissioner’s Office under the UK Data Protection Act (no. Z7316870).
  • Tableau Software UK Limited, a data visualisation and analytics platform. Data location: United Kingdom, and is registered with the Information Commissioner’s Office under the UK Data Protection Act (no. Z2760739). All data processed using Tableau software is stored within the UK on Multiverse-owned servers.
  • OVH Limited, a cloud infrastructure provider, which allows us to host data servers. Data location: United Kingdom, and is registered with the Information Commissioner’s Office under the UK Data Protection Act (no. Z1153433). All of our OVH servers are located within the UK and are owned by Multiverse.
  • Aircury Limited, a company that provides us with products and services for transferring and transforming data between our data systems. Data location: United Kingdom, and is registered under company number 10641335.
  • Hotjar, a technology service that helps us better understand our users’ experience (e.g. how much time they spend on which pages, which links they choose to click, what users do and don’t like, etc.), enabling us to build and maintain our service with user feedback. Hotjar uses cookies and other technologies to collect data on our users’ behaviour and their devices. This includes a device's IP address (processed during your session and stored in a de-identified form), device screen size, device type (unique device identifiers), browser information, geographic location (country only), and the preferred language used to display our website. Hotjar stores this information on our behalf in a pseudonymized user profile. Hotjar is contractually forbidden to sell any of the data collected on our behalf.
  • Heap (Heap Inc) used to provide user analytics to improve our products and services. We'll never capture sensitive information (e.g. passwords) and avoid capturing more data than required to improve our products and services.
    Data location: United States.
  • Hivebrite, a cloud community management and engagement provider, which allows us to host and manage the Multiverse Community Hub. Data location: European Union.
  • Iterable, a service that allows us to send emails and SMS messages to you based on customer segments, for managing your Multiverse application and marketing purposes. Data location: United States.
  • Webanywhere - Host our learner management system Applied. Data location: United Kingdom.
  • Zapier, provides software to integrate web applications via automation. Data location: United States.
  • Auth0 (Okta, Inc.), an identity and management platform used to provide Single Sign On (SSO) capability across our platforms. In order to provide this service, they securely store the following user data: email address, Multiverse account password, first name and last name. Data location: United States.