List of Subprocessors


Amazon Web Services (AWS)

Website: https://aws.amazon.com

Purpose: Database and hosting

Type of personal data processed: All platform data (including sensitive data) is stored within AWS’ database services

Location of processing: Server region set by Humanloop – currently US East

Compliance mechanism for ex-EEA transfer: Standard Contractual Clauses

Cohere

Websitehttps://cohere.io/

Purpose: Analytics

Type of personal data processed: Usernames

Location of processing: US, EEA and UK

Compliance mechanism for ex-EEA transfer: Standard Contractual Clauses

Hubspot

Websitehttps://www.hubspot.com/

Purpose: Customer relationship management

Type of personal data processed: Customer name and contact details

Location of processing: US, EEA and UK

Compliance mechanism for ex-EEA transfer: Standard Contractual Clauses

Intercom

Websitehttps://www.intercom.com

Purpose: Customer communication

Type of personal data processed: Contact details

Location of processing: US, EEA and UK

Compliance mechanism for ex-EEA transfer: Standard Contractual Clauses

Mixpanel

Websitehttps://mixpanel.com/

Purpose: Analytics

Type of personal data processed: The only PII data sent are organization name and user ID.

Location of processing: US, EEA and UK

Compliance mechanism for ex-EEA transfer: Standard Contractual Clauses

Notion

Websitehttps://notion.so

Purpose: Process management

Type of personal data processed: Customer name and contact details

Location of processing: US, EEA and UK

Compliance mechanism for ex-EEA transfer: Standard Contractual Clauses

Sentry Cloud

Websitehttps://sentry.io/

Purpose: Monitoring API performance and debugging application errors.

Type of personal data processed: Only error no personal data

Location of processing: US, EEA and UK

Compliance mechanism for ex-EEA transfer: Standard Contractual Clauses

Slack

Websitehttps://slack.com/

Purpose: Customer communication

Type of personal data processed: Customer names and contact details.

Location of processing: US, EEA and UK

Compliance mechanism for ex-EEA transfer: Standard Contractual Clauses

Stripe

Websitehttps://stripe.com/

Purpose: Payment processing

Type of personal data processed: User name, contact and credit card details

Location of processing: US, EEA and UK

Compliance mechanism for ex-EEA transfer: Standard Contractual Clauses

Last updated: 12 May 2023