Compliance
Sub-processors
Below is a list of sub-processors (as defined by General Data Protection Regulation) used by CreateShift to deliver ProdPad. These sub-processors are described in the table below.
|
Sub-processor |
HQ Location |
Privacy Controls |
Data Location |
|
Amazon Web Services, Inc |
US |
Privacy Shield, Data Processing Addendum, Standard Contract Clauses |
EU |
|
Zendesk |
US |
Privacy Shield, Data Processing Addendum |
US |
|
Mailchimp |
US |
Privacy Shield, Data Processing Addendum |
US |
|
Segment |
US |
Privacy Shield, Data Processing Addendum |
US |
|
Fullstory |
US |
Privacy Shield, Data Processing Addendum |
US |
|
Recurly |
US |
Privacy Shield, Data Processing Addendum |
US |
|
Stripe |
US |
Privacy Shield, Data Processing Addendum |
US |
PCI
Billing and subscriptions are managed using Recurly, Inc and Stripe, Inc. Both services are PCI-DSS compliant to level 1. ProdPad has basic PCI compliance and does not store or receive credit card data.
GDPR
CreateShift the company and ProdPad the application are working towards GDPR compliance. To help our customers become and remain GDPR compliant, we will be including a Data Processing Addendum and various other product features for you. This can be obtained by contacting security@prodpad.com.
Was this article helpful?
0 out of 0 found this helpful
Comments