SalesforceSalesforce / Trust
Salesforce Sub-Outsourcing Risk Management Overview

Salesforce Sub-Outsourcing Risk Management Overview

The “Salesforce Sub-Outsourcing Risk Management Overview" document outlines Salesforce's approach to managing risks associated with sub-outsourcing (which includes subcontracting and sub-processing), particularly in the context of evolving regulations. It details Salesforce's commitment to customer trust, regulatory compliance (especially EU regulations) and robust supplier management processes, including supplier onboarding, contractual arrangements, policies, and assessments. The document emphasizes Salesforce's security controls, external oversight, and resilience measures to protect Customer Data, ensuring a secure and compliant supply chain.

Files

Available versions for download

Reporting Start DateReporting End DateNotesActions
2025-06-01--
Login to download

Services covered

Services related to this document

Agentforce & Einstein Platform

Agentforce & Einstein Platform

Applicable to the services and features branded as: Agentforce (collectively, “Agentforce”) which

B2C Commerce / Commerce Cloud (First Party)

B2C Commerce / Commerce Cloud (First Party)

Applicable to the services branded as B2C Commerce/Commerce Cloud on First Party Data Centers

B2C Commerce / Commerce Cloud (Hyperforce)

B2C Commerce / Commerce Cloud (Hyperforce)

Applicable to the services branded as B2C Commerce/Commerce Cloud on Hyperforce

Data Cloud

Data Cloud

Applicable to the services branded as Data Cloud, Customer Data Cloud (aka Salesforce Data Cloud), o

General (not service specific)

General (not service specific)

Applicable to Salesforce as an entity without the context of a specific service (Corporate Services)

Heroku

Heroku

Applicable to the services branded as Heroku.

Marketing Cloud - Account Engagement

Marketing Cloud - Account Engagement

Applicable to the services branded as Marketing Cloud Account Engagement (formerly branded as Pardot

Marketing Cloud - Advertising

Marketing Cloud - Advertising

Applicable to the services branded as Marketing Cloud - Advertising

Marketing Cloud - Engagement (First Party)

Marketing Cloud - Engagement (First Party)

Applicable to the services branded as Marketing Cloud - Engagement

Marketing Cloud - Engagement (Hyperforce)

Marketing Cloud - Engagement (Hyperforce)

Applicable to the services branded as Marketing Cloud - Engagement

Marketing Cloud - Growth

Marketing Cloud - Growth

Applicable to the services branded as Marketing Cloud - Growth

Marketing Cloud - Intelligence

Marketing Cloud - Intelligence

Applicable to the services branded as Marketing Cloud - Intelligence

Marketing Cloud - Personalization

Marketing Cloud - Personalization

Applicable to the services branded as Marketing Cloud - Personalization

MuleSoft

MuleSoft

Applicable to the services branded as MuleSoft or the Anypoint Platform (MuleSoft Services).

Own by Salesforce

Own by Salesforce

Applicable to the services branded as Own by Salesforce (formerly known as OwnCompany Inc.) which in

Quip

Quip

Applicable to the services branded as Quip

Sales Enablement

Sales Enablement

Applicable to the services branded as Sales Enablement (formerly branded as myTrailhead)

Salesforce Services (First Party)

Salesforce Services (First Party)

Applicable to the core salesforce services branded as B2B Commerce on Lightning Experience, Chatter,

Salesforce Services (Hyperforce)

Salesforce Services (Hyperforce)

Applicable to the core salesforce services branded as B2B Commerce on Lightning Experience, Chatter,

Slack

Slack

Applicable to the services branded as Slack.

Tableau Cloud

Tableau Cloud

Applicable to the services branded as Tableau Cloud

Tableau Server

Tableau Server

Applicable to the services branded as Tableau Server