Compliance

Sub-processors

Below is a list of sub-processors (as defined by General Data Protection Regulation) used by CreateShift to deliver ProdPad. These sub-processors are described in the table below. 

Sub-processor

HQ Location

Privacy Controls

Data Location

Amazon Web Services, Inc

US

GDPR, Data Processing Addendum, Standard Contractual Clauses

EU

The Rocket Science Group, LLC d/b/a MailChimp

US

Data Processing Addendum, Standard Contractual Clauses

US

Recurly, Inc

US

Data Processing Addendum, Standard Contractual Clauses

US

Stripe, Inc

US

Data Processing Addendum, Standard Contractual Clauses

US

PCI

Billing and subscriptions are managed using Recurly, Inc and Stripe, Inc. Both services are PCI-DSS compliant to level 1. ProdPad has basic PCI compliance and does not store or receive credit card data. 

GDPR

CreateShift the company and ProdPad the application are GDPR compliant. To help our customers become and remain GDPR compliant, we have a Data Processing Addendum and various other product features for you. This can be obtained by contacting security@prodpad.com.

Still need help? Contact Us Contact Us