Sub-Processor Notice

BIS Safety Software Inc. (“BIS”) uses sub-processors to help us provide our comprehensive and integrated learning management software. BIS engages with sub-processors (“Sub-processors”) who may receive or process client private data and who perform specific and various functions as part of the services we provide to you. “Client Private Data” refers to all digital information, data, or files, which may include personal information, within a client’s portal. “Personal Information” is defined consistent with privacy laws to include name, email address, physical location, postal address, birthdate, and other information that identifies a person.   This notice describes our process for engaging Sub-processors and lists the Sub-processors we use to provide services to you.   Our clients may sign up to receive notifications of any changes to this Sub-processor Notice through the System Updates module within their portal in our software. If you have any concerns about new Sub-processors, please contact our Support Team by phoning 1-866-416-1660 or emailing privacy@bistraining.ca within 14 days of notification.  

Our Due Diligence

Protecting the security and privacy of Client Private Data is paramount to our business. BIS has a third-party risk management program that includes commercially reasonable practices to assess a sub-processor’s security, privacy, and confidentiality policies.

BIS requires its Sub-processors to satisfy privacy and security criteria, including but not limited to:

  • Compliance with recognized industry data security standards, such as PCI DSS, SOC2 Type II, or ISO 27001.
  • Compliance with applicable privacy laws, such as the Personal Information Protection and Electronic Documents Act (PIPEDA), the European Union General Data Protection Regulation (GDPR), and the Children’s Online Privacy Protection Act (COPPA).
  • A publicly available privacy policy for the Sub-processor.
  • A security program that includes, but is not limited to, the following key components:
    • Technical and administrative data security controls for safeguarding Client Private Data.
    • Policies for controlling access to Client Private Data following a standard of least privilege.
    • Confidentiality agreements with team members and contractors.
    • Cybersecurity training programs for team members and contractors.
    • A security incident response plan that includes notification to BIS should Client Private Data be affected.

Our Sub-Processors

BIS uses Sub-processors to host the infrastructure of our software web application and integrated mobile application. Additionally, we use Sub-processors to provide certain features and functionality within the software and mobile application, as well as business services, such as customer support management platforms.

The table below summarizes the Sub-processors we use, the services they provide, and the locations where they host, process, or store Client Private Data.

Sub-Processor Service Data Hosting, Processing, or Storage Location
Amazon Web Services, Inc. Cloud service provider for our software and mobile application, including the databases which store Client Private Data. Canada
Dialpad, Inc. Cloud service provider for phone communications. Dialpad, Inc. records, transcribes, and stores calls anyone makes to our (toll-free Canada) 1-866-416-1660, (local) 1-780-410-1660, and (toll-free USA) 1-713-424-0660 support phone lines. United States of America
Fireflies AI Corp. Cloud service provider for artificial intelligence notetaking and transcription services. If the Fireflies AI Corp. AI is present in meetings we have with our clients and users, it records, transcribes, and stores meeting data. Canada
Google LLC Provider of translation and location tracking functionality within our software and mobile application. Google LLC stores system data from our software that is translated to other languages and identifies the location of mobile devices used to complete digital forms. United States of America
Integrity Advocate (temporary) Provider for virtual proctoring functionality in online courses. Integrity Advocate accesses and stores temporarily images of users completing courses and forms of identification, such as driver’s licences, that users may show to prove their identity. Canada
Metaorange Digital Private Limited Cloud infrastructure consulting service provider. Metaorange Digital Private Limited may access Client Private Data within the software infrastructure and production environment to perform services. India
Microsoft Corporation Cloud service provider for communications, data storage, and other business-related services, such as Microsoft Word, Excel, PowerPoint, SharePoint, Teams, etc. Email communications, including attachments in any format, and information provided by clients may be stored using services from Microsoft Corporation. Canada
Moneris Solutions Corporation Payment processor for our software application. Moneris Solutions Corporation stores cardholder data and sensitive authentication data. Canada
OpenAI, L.L.C. Provider for generative artificial intelligence integrations within our software. OpenAI, L.L.C. stores all inputs made to AI services within our software, as well as AI-generated outputs. United States of America
Pinecone Systems, Inc. Provider of the vector database for the AI chatbot in our software. Pinecone Systems, Inc. stores all information added to the knowledge bases for the AI chatbot and inputs made by users to the AI chatbot. United States of America
Techversant Infotech Pvt. Ltd. Software development, cloud infrastructure, and debugging service provider. Techversant Infotech Pvt. Ltd. may access Client Private Data for software troubleshooting purposes. They may store very limited Client Private Data for the purposes of providing software development services. India
Twilio, Inc. Provider for text messaging services within our software. Twilio, Inc. may access and store cell phone numbers belonging to users. United States of America, Ireland, or Australia
Zendesk, Inc. Cloud service provider for our customer support management platform. Zendesk, Inc. receives, sends, and stores communications from clients and users when they email our Support Team. United States of America

Last Updated: March 19, 2025

Report a Concern

If you have a concern, we want to know about it. All information provided is treated in the strictest confidence.

Contact Us

Contact Us

"*" indicates required fields

By pressing submit, I consent to the Privacy Policy and Terms and Conditions.

This field is for validation purposes and should be left unchanged.
SOC Badge

Software

- Learning Management
- Classroom Software
- Training Record Management
- Digital Forms
- Asset Management
- Online Folders
- EHS Software

Popular Training

- ATV/UTV Safety Training
- OHV Operator Safety (OSHA)
- Lithium-Ion Battery Awareness
- Spill Response Training
- Indigenous Cultural Awareness
- Telescopic Handlers
- Ground Disturbance 201
- Aggregate Hauling
- Office Ergonomics Training
- Lockout Tagout Worker Safety (OSHA)
- Blended Learning Options

Free Resources

- LMS Buyer's Guide
- Training Record Management Buyer's Guide
- Combating Complacency Whitepaper
- Digital Onboarding Guide

SafetyNET

- Reseller Program
- Corporate Training Accounts
- Course Owners

Company

- About
- Blog
- Testimonials
- FAQ
- Contact us
- Privacy Policy and Terms and Conditions
- Anti-Bribery Anti-Corruption Commitment
- Sub-Processor Notice
- Software Pricing

BIS Safety Software develops Learning & Compliance software with enterprise-level technology utilized by thousands of companies.

Phone: (713) 424-0660

Toll-free: (866) 416-1660

**All Pricing is in USD**

BIS_Logo_LowRes_White_243x50
©2025 BIS Safety Software Inc.
UK Website New CAD Website Old CAD Website