Security and Compliance

Your stuff is in the right hands. Find all about our security and compliance policies here.

Compliance

Sub-processors

Below is a list of sub-processors (as defined by General Data Protection Regulation) used by CreateShift to deliver ProdPad. These sub-processors are described in the table below. 

 

Sub-processor

HQ Location

Privacy Controls

Data Location

Amazon Web Services, Inc

US

Privacy Shield, Data Processing Addendum, Standard Contract Clauses

EU

Zendesk

US

Privacy Shield, Data Processing Addendum

US

Mailchimp

US

Privacy Shield, Data Processing Addendum

US

Segment

US

Privacy Shield, Data Processing Addendum

US

Fullstory

US

Privacy Shield, Data Processing Addendum

US

Recurly

US

Privacy Shield, Data Processing Addendum

US

Stripe

US

Privacy Shield, Data Processing Addendum

US

 

PCI

Billing and subscriptions are managed using Recurly, Inc and Stripe, Inc. Both services are PCI-DSS compliant to level 1. ProdPad has basic PCI compliance and does not store or receive credit card data. 

GDPR

CreateShift the company and ProdPad the application are working towards GDPR compliance. To help our customers become and remain GDPR compliant, we will be including a Data Processing Addendum and various other product features for you. This can be obtained by contacting security@prodpad.com.

Comments