PlaybookUX Data Subprocessors
Last Updated: October 2022
In order to better serve our clients, we use data subprocessors. This page provides a breakdown of all subprocessors. We have signed DPA (data processing addendums) with all of our subprocessors.
Atlassian (Sydney, Australia)
https://www.atlassian.com/trust/security
Certifications: ISO27001, SOC2 Type 2
Reason: Feature requirements, bug tracking
Data processed: Employee name, Employee email address
DPA: Signed as a part of the Terms.
Amazon Web Services (Washington, USA)
https://aws.amazon.com/security/
Certifications: ISO27001, SOC3, Privacy Shield
Reason: Data storage, backups, SSL, DNS for clients.
Data processed: Anonymized data.
DPA: Signed as a part of the Terms.
Google Cloud Services (California, USA)
https://cloud.google.com/security/
Certifications: ISO27001, SOC3, Privacy Shield
Reason: Data storage, backups, SSL, DNS, Transcription for clients.
Data processed: Anonymized data, video files for speech-to-text.
DPA: Signed as a part of the Terms.
Github (California, USA)
Certifications: ISO27001, SOC2 Type 2
Reason: Code repository
Data processed: Staging, testing and production code
DPA: Signed as a part of the Terms.
Stripe (California, USA)
https://stripe.com/privacy-center/legal
Certifications: PCI
Reason: Payment processing for pay as you go and subscriptions.
Data processed: Billing name, contact email, company name, card metadata.
DPA: Signed November 19th, 2020
Copper (California, USA)
Certifications: Privacy Shield
Reason: CRM
Data processed: Name, company, email address
DPA: Signed as a part of the Terms.
Sentry (Wisconsin, United States)
Certifications: Privacy Shield
Reason: error logging
Data processed: IP address, project details, browser information, device
DPA: Signed November 19th, 2020
SalesLoft Inc (Georgia, United States)
Certifications: ISO27001, SOC2 Type 2
Reason: Sales engagement
Data processed: Email, phone number, company name & public company information
DPA: Signed as a part of the Terms.
Slack (California, United States)
https://slack.com/trust/security
Certifications: SOC2 Type II, ISO/IEC 27001, ISO/IEC 27701
Reason: Internal communication
DPA: Signed as a part of the Terms.
Session Stack (Bulgaria, EU)
https://docs.sessionstack.com/docs/security-and-compliance-overview
Certifications: SOC2, SOC3, ISO 27001
Reason: Troubleshooting and bug handling
Data processed: name, email, IP address, project attributes
DPA: Signed as a part of the Terms.
Intercom (California, United States)
https://www.intercom.com/security
Certifications: SOC2 Type 2, Privacy Shield
Reason: Customer support
Data processed: IP address, browser information, device, email, name
DPA: Signed as a part of the Terms.
Totango (California, United States)
https://www.totango.com/results/protect
Certifications: SOC2 Type 2, ISO27001
Reason: Customer success
Data processed: IP address, browser information, device, email, name
DPA: Signed as a part of the Terms.
Lusha Systems Inc (New York, United States)
https://www.lusha.com/legal/privacy_notice
Reason: Sales contact
Data processed: Email, phone number, company name & public company information
DPA: Signed as a part of the Terms.
Vanta (California, United States)
Certifications: SOC2 Type 2, ISO 27001
Reason: Security compliance
Data processed: Security documentation, Security requirements and training, security reviews of vendors
DPA: Signed as a part of the Terms.
Pathfix (Delaware, United States)
Reason: Manage integrations
Data processed: Name, email
DPA: Signed as a part of the Terms.
Mailchimp (Georgia, United States)
https://mailchimp.com/about/security/
Certifications: SOC2 Type 2, ISO 27001
Reason: Marketing communications
Data processed: Name, email
DPA: Signed as a part of the Terms.
Sendinblue (France)
https://www.sendinblue.com/legal/privacypolicy/
Certifications: ISO 27001
Reason: Marketing communications
Data processed: Name, email, company name
DPA: Signed as a part of the Terms.
PayPal Inc (Delaware, United States)
https://www.paypal.com/us/security/
Certifications: SOC2 Type 2, ISO27001
Reason: Participant payments
Data processed: Name, email, paypal address
DPA: Signed as a part of the Terms.
Notion Labs Inc (California, United States)
https://www.notion.so/security
Certifications: SOC2 Type 2
Reason: Internal project management
Data processed: Name, email, internal project details
DPA: Signed as a part of the Terms.
Vimeo (New York, United States)
https://vimeo.com/enterprise/security
Certifications: SOC2 Type 2
Reason: Hosting webinars
Data processed: Name, email
DPA: Signed as a part of the Terms.
WorkOS (California, United States)
Certifications: SOC2 Type 2
Reason: Log ins
Data processed: company name, email address
DPA: Signed as a part of the Terms.
ZenPayroll, Inc (California, United States)
https://gusto.com/security
Certifications: SOC2 Type 2
Reason: Employee payroll
Data processed: Employee name, DOB, bank details and employment information
DPA: Signed as a part of the Terms.
Zoom (California, United States)
https://explore.zoom.us/docs/ent/privacy-and-security.html
Certifications: SOC2 Type 2
Reason: Video conferencing, live conversations
Data processed: full name
DPA: Signed as a part of the Terms.
