Suppliers

We use a small set of carefully selected partners to provide our services. We have a signed Data Processing Agreement (DPA) with each of them, and we ensure that all of our providers have a excellent security and privacy in place and are fully GDPR compliant.

We perform an annual review of our suppliers to ensure that they continue to be compliant with our legal requirements. We also receive regular security bulletins from these suppliers.

Our Due Diligence information provides more information about suppliers that process participant data.

Microsoft Azure

Web hosting & data storage hosted in EU (ROI)
Microsoft itself located in USA
DPA signed

Rollbar

Error handling
Located in USA
DPA signed

Sendgrid

Email delivery
Located in USA
DPA signed

Postmark

Email delivery
Located in USA
DPA signed

Zendesk

Support desk software
Located in USA
DPA signed

Stripe

Payments processing
European operations provided by Stripe Payments Europe which is located in ROI
https://support.stripe.com/questions/stripe-and-european-data-transfers
DPA signed

Active Campaign

Marketing Automation
GDPR Compliant
DPA signed

Mixpanel

Product Analytics
Located in EU
DPA signed

Canny

Customer feedback
Located in USA
DPA signed

Google Analytics

Anonymised usage statistics (we don't use User-ID and we anonymise IP addresses)
Located in USA
DPA signed

Google Cloud Platform

Business Data Analysis
Located in USA
DPA signed

Hotjar

Aggregated, anonymised Usage Statistics
Located in Malta, EU
https://www.hotjar.com/privacy
GDPR Compliant
DPA signed

Stitch Data

Data Aggregation
Located in USA
DPA signed

Facebook

Ad conversion metrics via Facebook Pixel
Located in USA
DPA signed

Twitter

Embedded Timeline
Located in USA
DPA signed

Dropbox

File storage
Located in EU and USA
DPA signed

Xero

Accounting
https://www.xero.com/uk/campaigns/xero-and-gdpr/
DPA signed

Missive

Email and communications
https://missiveapp.com/gdpr
DPA signed