cloudHQ sub-processors
Effective date: July 20, 2024
cloudHQ uses the third party entities below (each, a “sub-processor”) to process personal data on behalf of cloudHQ customers and in accordance with contract terms between cloudHQ and the sub-processor to uphold cloudHQ’s commitments in cloudHQ’s Data Processing Addendum.
cloudHQ carries out annual compliance reviews of its sub-processors, and where the engagement of a sub-processor requires the cross-border transfer of personal data, cloudHQ conducts Transfer Impact Assessments in accordance with applicable data protection law for these data transfers. cloudHQ imposes obligations on its sub-processors to implement appropriate technical and organizational measures ensuring that the sub-processing of personal data is protected to the standards required by applicable data protection laws.
This list below contains sub-processors for cloudHQ’s generally available services. For each sub-processor below, processing of personal data will be for the duration of use of the applicable service(s) by the customer, and for the retention periods as set out in the customer’s agreement with Atlassian and any product documentation. Further information relating to sub-processor security measures can be found via the external links below. Please note that if you use cloudHQ data residency, pinned data remains in your specified location as described on this page.
cloudHQ carries out annual compliance reviews of its sub-processors, and where the engagement of a sub-processor requires the cross-border transfer of personal data, cloudHQ conducts Transfer Impact Assessments in accordance with applicable data protection law for these data transfers. cloudHQ imposes obligations on its sub-processors to implement appropriate technical and organizational measures ensuring that the sub-processing of personal data is protected to the standards required by applicable data protection laws.
This list below contains sub-processors for cloudHQ’s generally available services. For each sub-processor below, processing of personal data will be for the duration of use of the applicable service(s) by the customer, and for the retention periods as set out in the customer’s agreement with Atlassian and any product documentation. Further information relating to sub-processor security measures can be found via the external links below. Please note that if you use cloudHQ data residency, pinned data remains in your specified location as described on this page.
| Sub-processor | Applicable cloudHQ Apps | Nature and Purpose of Processing | Categories of personal data | Location of Processing | Security Measures |
|---|---|---|---|---|---|
| Amazon Web Services, Inc. | All cloudHQ apps | Cloud hosting provider. We use AWS EC2 to sync data between cloud accounts. Save Emails to PDF by cloudHQ use AWS S3 to store use email backups/exports. We also use AWS as our Email Service Provider for email marketing. | Personal data contained in user account information and text or files created by customer and stored in cloudHQ. No data which is sync'd (copied) is permanently stored by cloudHQ. We also use AWS as our Email Service Provider for email marketing. | USA | AWS Compliance Programs |
| Hetnzer | All cloudHQ apps | Cloud hosting provider. We use to sync Hetner cloud servers for syncing data between cloud accounts. | Personal data contained in user account information and text or files created by customer and stored in cloudHQ. No data which is sync'd (copied) is permanently stored by cloudHQ or cloud hosting provider. | Germany, USA | Hetnzer Certification |
| Cloudflare, Ltd. | All cloudHQ apps | Content delivery network provider | Personal data access via website which is contained in user account information and displayed by applicable cloudHQ Apps. | Customer traffic is processed globally at the data center closest to the end user. See: Cloudflare Network | Certifications and Compliance Resources |
| OpenAI, LLC | ChatGPT for Gmail by cloudHQ, ChatGPT Sidebar by cloudHQ, Mobile Text Alerts for Gmail by cloudHQ | Generative AI services provider for intelligence product features | Personal data contained in user account information and text or files created by customer and stored in Applicable cloudHQ Apps. Mobile Text Alerts for Gmail by cloudHQ use OpenAI to make email summary for text message. ChatGPT for Gmail by cloudHQ and ChatGPT Sidebar by cloudHQ use OpenAI to process user prompts. | USA | OpenAI security and trust |
| Plivo, Inc. | Mobile Text Alerts for Gmail | Communications technology provider for notifications | Personal data contained in text alerts sent to the user | USA | Plivo security |
| Google, LLC | N/A | We use Google as our internal email service provider and internal docs storage. Moreover, we use Google Analytics to analyze application usage (we use only your IP address and other device-related information). | All email messages sent to cloudHQ email address @cloudhq.net are processed by Google servers thus all personal data in emails sent to us will be stored on Google servers. No personal data is stored on Google servers by any of cloudHQ Apps. | USA | Google security |
| Stripe, Inc. | All cloudHQ apps | Payment Processing | Personal data necessary to validate and process the payment | USA | Stripe security |
| PayPal, Inc. | All cloudHQ apps | Payment Processing | Personal data necessary to validate and process the payment | USA | PayPal security |