Skillbox - Skillbox

Introduction

The purpose of this page is to share information about our service providers - specifically, those that may process personal data relating to our users.

Personal data

The personal data may be supplied by us to the service provider or collected by the service provider in the context of our services.

See our privacy policy for full information about the personal data that we collect and process.

Controllers vs processors

Some of those service providers will act as controllers with respect to the personal data they handle, while others will act as processors.

Service providers will act as controllers with respect to personal data where they determine the purposes and means of processing of that personal data.

Service providers will act as processors on our behalf where we determine the purposes and means of processing of personal data. Service providers acting as processors will only process personal data on our instructions.

Controllers: service providers acting as controllers of personal data

We may disclose personal data to (or enable the collection of personal data by) the following service providers acting as controllers.

Under applicable data protection laws, each of these service providers must provide to individuals whose personal data they process information about such processing.

Service provider	Data and services	Jurisdiction(s) and appropriate safeguards	Privacy policy
MangoPay SA	MangoPay collects and uses personal data, including payment details, relating to financial transactions entered into through our marketplace as well purchases of our service; MangoPay also collects and uses personal data to provide "know your client" and "know your business" services with respect to our marketplace.	UK and EEA only – No restricted transfers	Link
Google, Inc	We use Google Analytics to analyse the use of our website. Google Analytics uses cookies, and Google will collect data – including personal data – about the use of our website and services by means of these cookies. See our privacy policy for more details of how we use cookies.	Worldwide –Standard contractual clauses for data transfer approved under UK and EU law	Link

Processors: service providers acting as processors of personal data

We may disclose personal data to (or enable the collection of personal data by) the following service providers acting as processors.

Service provider	Data and services	Jurisdiction(s) and appropriate safeguards
The Rocket Science Group LLC dba Mailchimp	Names, email addresses and other electronic marketing-related data are processed by Mailchimp for the purpose of providing electronic marketing services	USA - Standard contractual clauses for data transfer approved under UK and EU law
The Positive Internet Company Limited	Positive provides hosting, backup and security services for our application. All of the data that is stored in our website database or processed by our application will be stored or processed on the servers of Positive	UK only – No restricted transfers
ALT Web Design Ltd dba ALT Agency	Web design, development and support services	UK, India and Pakistan – Full GDPR audits safeguarding data transfer approved under UK and EU law
Freelance contractors	Support ticket-related personal data and general operations services	Philippines - Standard contractual clauses for data transfer approved under UK and EU law

We have entered into data processing agreements or clauses complying with applicable data protection laws with each of these processors and sub-processors.

International transfers

As noted above, some of our service providers process data outside the United Kingdom.

Transfers of personal data to the European Economic Area (EEA), are permitted under United Kingdom (UK) data protection law, as the laws in the EEA are the subject of subsisting UK adequacy regulations; similarly, transfers of personal data from the EEA to the UK are permitted under EU data protection law, as the laws of the UK are the subject of a subsisting EEA adequacy decision.

Insofar as transfers to our service providers are not within the scope of an adequacy determination, we ensure that they are made under contractual protections approved by the competent data protection authority or authorities.

In the case of transfers that are restricted under the European Union's General Data Protection Regulation, the applicable clauses are available here:

https://ec.europa.eu/info/law/law-topic/data-protection/international-dimension-data-protection/standard-contractual-clauses-scc/standard-contractual-clauses-international-transfers_en

In the case of transfers that are restricted under the UK GDPR, the applicable clauses are available here:

https://ico.org.uk/for-organisations/guide-to-data-protection/guide-to-the-general-data-protection-regulation-gdpr/international-data-transfer-agreement-and-guidance/

If you would like more information, please get in touch.

Change notifications

As Skillbox continues to grow and evolve, our service providers may also change.

Please refer back to this page for updates.

If you would like to be notified by email of any change to our service providers, please register for such notifications below

Contact details

You can contact us regarding data protection-related matters:

by post, to Skillbox, 27 Old Gloucester Street, London, WC1N 3AX;
using our website contact form; or
by email, using the email address published on our website.

Service Providers updated: December 2023