Third-party processors are any other organisation that comes into contact with the personal data your business processes.
These are often external tools or services your business may use to operate. You may have more than you think...
Here are a few common examples:
• Delivery services - Parcel Force, DPD, Royal Mail, Amazon
• Hosting services - AWS, Wix, Google Drive, Dropbox
• Email providers - Gmail, Yahoo, SendGrid, Outlook
• Analytics tools - Hotjar, Google analytics
• Payment services - Paypal, Braintree, Shopify, Mastercard
• Video conferencing - Zoom, Skype, Hangouts
• Connectivity tools - Teams, Slack, Trello
• CRMs - Hubspot, Zendesk, Pipedrive, Salesforce, Mailchimp
• Accounting services - Xero, Excell,
• External personal services - accountants, PA’s, lawyers etc
Third-party data processors act on behalf of the controller and generally do not have a direct agreement with the data subject. Many business services that handle personal data fall into this category.
For example, we (PORT.im) act as a data controller in our relationship with you (our customers). The email provider we use to communicate with you "Gmail" is acting on our behalf and so is are a "Third-party data processor when acting in this capacity.