Privacy and GDPR

Privacy PolicyOur GDPR commitmentData Processing AgreementData Subject Access RequestData subprocessors
Amazon Web ServicesDelightedGoogle CloudRevSegmentStripeVero
New SCCs & the GDPRCalifornia Consumer Privacy ActAustralian Privacy Act
More articles
Help homeLegal and privacyPrivacy and GDPR

Data subprocessors

To support delivery of our Services, Dovetail may engage and use data processors with access to certain Customer Data or Personal Information (each, a “Subprocessor”). This page provides information about each Subprocessor. Please email security@dovetailapp.com if you have any questions.


Amazon Web Services

aws.amazon.com

  • Location: Seattle, United States.

  • Security certifications: Privacy Shield, ISO27001, SOC3.

  • Data processed: Anonymized content, email address, IP address.

  • Use: Data storage, backups, CDN, DNS, SSL, domain management, emails.

  • DPA signed: Yes – incorporated into terms.

Delighted

delighted.com

  • Location: Palo Alto, United States.

  • Security certifications: None.

  • Data processed: User name, user email address, survey responses.

  • Use: Recurring customer satisfaction survey.

  • DPA signed: Yes – 12 May 2020.

Google Cloud

cloud.google.com

  • Location: Mountain View, United States.

  • Security certifications: Privacy Shield, ISO27001, SOC3.

  • Data processed: User-added content (when using sentiment analysis).

  • Use: Natural language processing.

  • DPA signed: Yes – incorporated into terms.

Rev

rev.com

  • Location: San Francisco, United States.

  • Security certifications: None.

  • Data processed: User-added content (when using transcription).

  • Use: Audio and video transcription.

  • DPA signed: Yes – 17 April 2020.

Segment

segment.com

  • Location: San Francisco, United States.

  • Security certifications: Privacy Shield, ISO 27001, ISO 27017, ISO 27018, SOC 2.

  • Data processed: User name, email address, IP address, analytics.

  • Use: Product analytics.

  • DPA signed: Yes – 15 April 2020.

Stripe

stripe.com

  • Location: San Francisco, United States.

  • Security certifications: PCI.

  • Data processed: Billing contact name, email, address, card details.

  • Use: Payment processing and subscription management.

  • DPA signed: Yes – 8 October 2018.

Vero

getvero.com

  • Location: Sydney, Australia.

  • Security certifications: None.

  • Data processed: User name, email address.

  • Use: Marketing and transactional emails.

  • DPA signed: Yes – 15 April 2020.

Was this article useful?

Authors

Bradley Ayers

Co-founder / CTO

Article info

Last updated 25 May 2021
2 min read

Get help

Can’t find what you’re looking for? Search through our articles or contact our support team and get a response within 24 hours.

Get help
Start a 7 day free trial

Start free trial
A few of our customers

See more customers →
autodesk
bcg
Figma
gitlab
glossier
nng
shopify
vmware
Product

AnalysisRepositoryPeopleEnterpriseIntegrationsCustomersPricingStatusLog in