Subprocessors
We use carefully selected service providers (“subprocessors”) to help deliver specific functions. Where a subprocessor may process personal information, we require written terms to protect data and to process only on our instructions.
1) Current subprocessors
Only vendors that may process personal information for service delivery should be listed here. If a vendor is not used, remove it.
| Vendor | Purpose | Data categories | Processing location | Retention | Policy / Site | Status |
|---|---|---|---|---|---|---|
| Hosting Provider | Website & API hosting, storage, security | Contact Operational logs | United States (primary) | Operational + backups (per provider policy) | Provider policy | Active |
| Email / Helpdesk | Support communications & ticketing | Contact Support content | United States / Canada | Per ticket lifecycle / configuration | Provider policy | Active |
| Communications Provider | Call or meeting communications (recording only if enabled with notice/consent) | Call metadata Audio (optional) | United States | Configurable (per customer settings) | Provider policy | Active |
For additional privacy terms, see the DPA summary. If a Security Overview is published, it will be available at /legal/security.
2) Additions, removals & objections
Before adding a new subprocessor or materially changing a processing purpose, we will update this page. If your signed agreement provides a right to object, contact us within the notice period and we’ll work with you in good faith.