Privacy and GDPR
User Privacy PolicyWebsite Visitor Privacy PolicyOur GDPR commitmentData Processing AgreementData Subject Access RequestData subprocessors
Amazon Web ServicesBaremetricsDelightedGoogle CloudRevSegmentStripeVero
California Consumer Privacy ActAustralian Privacy Act
More articles
Help homeLegal and privacyPrivacy and GDPR

Data subprocessors

To support delivery of our Services, Dovetail may engage and use data processors with access to certain Customer Data or Personal Information (each, a “Subprocessor”). This page provides information about each Subprocessor. Please email security@dovetailapp.com if you have any questions.


Amazon Web Services

aws.amazon.com

  • Location: Seattle, United States.

  • Security certifications: Privacy Shield, ISO27001, SOC3.

  • Data processed: Anonymized content, email address, IP address.

  • Use: Data storage, backups, CDN, DNS, SSL, domain management, emails.

  • DPA signed: Yes – incorporated into terms.

Baremetrics

baremetrics.com

  • Location: San Francisco, United States.

  • Security certifications: Privacy Shield.

  • Data processed: Billing contact name, billing contact email address, card metadata.

  • Use: Payment analytics and subscription management.

  • DPA signed:Yes – 22 October 2019.

Delighted

delighted.com

  • Location: Palo Alto, United States.

  • Security certifications: None.

  • Data processed: User name, user email address, survey responses.

  • Use: Recurring customer satisfaction survey.

  • DPA signed: Yes – 12 May 2020.

Google Cloud

cloud.google.com

  • Location: Mountain View, United States.

  • Security certifications: Privacy Shield, ISO27001, SOC3.

  • Data processed: User-added content (when using sentiment analysis).

  • Use: Natural language processing.

  • DPA signed: Yes – incorporated into terms.

Rev

rev.com

  • Location: San Francisco, United States.

  • Security certifications: None.

  • Data processed: User-added content (when using transcription).

  • Use: Audio and video transcription.

  • DPA signed: Yes – 17 April 2020.

Segment

segment.com

  • Location: San Francisco, United States.

  • Security certifications: Privacy Shield, ISO 27001, ISO 27017, ISO 27018, SOC 2.

  • Data processed: User name, email address, IP address, analytics.

  • Use: Product analytics.

  • DPA signed: Yes – 15 April 2020.

Stripe

stripe.com

  • Location: San Francisco, United States.

  • Security certifications: PCI.

  • Data processed: Billing contact name, email, address, card details.

  • Use: Payment processing and subscription management.

  • DPA signed: Yes – 8 October 2018.

Vero

getvero.com

  • Location: Sydney, Australia.

  • Security certifications: None.

  • Data processed: User name, email address.

  • Use: Marketing and transactional emails.

  • DPA signed: Yes – 15 April 2020.

Was this article useful?
Authors
Brad Ayers
Co-founder / CTO
Article info
Last updated 23 September 2020
2 min read

Get help

Can’t find what you’re looking for? Search through our articles or contact our support team and get a response within 24 hours.

Get help