Our sub-processors enable us to provide our services to the world and they need to align with our values and policies around data. All sub-processors are GDPR-compliant, most through the EU-US Privacy Shield and Swiss-US Privacy Shield frameworks.
- Google Analytics, for monitoring in-app usage by merchants and by visitors to our websites (policy)
- Linode, for running our services and storing data (policy)
- Google Cloud Platform, for running our services and storing data (policy)
- MongoDB, for storing data with their Atlas service (terms of service)
- Cloud 66, which helps us deploy and run our services (policy)
- AppSignal, for gathering server operation metrics and does not capture end-user data (policy)
- Shopify, whose e-commerce functionality we build upon (policy)
- Intercom, which allows us to interact with customers in real-time (policy)
- Front, which helps organize our email interactions (policy)
- G Suite by Google Cloud (formerly Google Apps for Business), which holds email and documents (policy)
- Atlassian, for bug reports that might contain customer data (policy)
We will update this list as we find new partners to work with and update merchants with the changes, as required under GDPR.