Sub-processors
To support the delivery of our services, PurposeTech may engage and use data processors with access to certain customer data. This page provides important information about the identity, location, and role of each sub-processor.
Last updated: 29 November 2025
This Sub-Processor page is incorporated into the Data Processing Agreement and Terms of Service entered into between Customer and PurposeTech.
Updates to this page
Due to the nature of our business and our ongoing efforts to serve our customers, our service providers may change from time to time. We may deprecate a service provider to consolidate our systems, or add a new provider to enhance our services. Please check this page periodically for updates.
Current Sub-processors
PurposeTech may use the following sub-processors to deliver our services to you:
| Sub-processor | Purpose | Location | Data Processed |
|---|---|---|---|
| Amazon Web Services (AWS) | AI services, logging, and file storage | Australia (ap-southeast-2) | Application logs, AI processing data, uploaded files |
| Cloudflare, Inc. | DNS, DDoS protection, security, and file storage | Global | Network traffic data, uploaded files |
| Google Cloud Platform | Maps and geocoding services | Australia | Location data for event mapping |
| Google Workspace | Business email and collaboration | United States | Email communications, contact information |
| Intercom, Inc. | Customer support and communication | United States | Support conversations, contact details, usage data |
| Linear | Issue tracking and project management | United States | Project tasks, issue details, user feedback |
| Notion Labs, Inc. | Internal documentation and knowledge management | United States | Internal documentation, project information |
| Plausible Analytics | Privacy-friendly website analytics | European Union | Anonymised usage data (no personal data or cookies) |
| Postmark (ActiveCampaign) | Transactional email delivery | United States | Email addresses, email content |
| Sentry | Error monitoring and performance | United States | Application errors, performance data (anonymised) |
| Stripe, Inc. | Payment processing | United States | Billing and payment information |
| Trigger.dev | Background jobs and task scheduling | United States | Task payloads, job metadata |
| Upstash | Serverless Redis database | United States | Session data, rate limiting data |
| Vercel Inc. | Application hosting and CDN | Global (edge network) | Web application delivery |
Amazon Web Services (AWS)
- Purpose
- AI services, logging, and file storage
- Location
- Australia (ap-southeast-2)
- Data
- Application logs, AI processing data, uploaded files
Cloudflare, Inc.
- Purpose
- DNS, DDoS protection, security, and file storage
- Location
- Global
- Data
- Network traffic data, uploaded files
Google Cloud Platform
- Purpose
- Maps and geocoding services
- Location
- Australia
- Data
- Location data for event mapping
Google Workspace
- Purpose
- Business email and collaboration
- Location
- United States
- Data
- Email communications, contact information
Intercom, Inc.
- Purpose
- Customer support and communication
- Location
- United States
- Data
- Support conversations, contact details, usage data
Linear
- Purpose
- Issue tracking and project management
- Location
- United States
- Data
- Project tasks, issue details, user feedback
Notion Labs, Inc.
- Purpose
- Internal documentation and knowledge management
- Location
- United States
- Data
- Internal documentation, project information
Plausible Analytics
- Purpose
- Privacy-friendly website analytics
- Location
- European Union
- Data
- Anonymised usage data (no personal data or cookies)
Postmark (ActiveCampaign)
- Purpose
- Transactional email delivery
- Location
- United States
- Data
- Email addresses, email content
Sentry
- Purpose
- Error monitoring and performance
- Location
- United States
- Data
- Application errors, performance data (anonymised)
Stripe, Inc.
- Purpose
- Payment processing
- Location
- United States
- Data
- Billing and payment information
Trigger.dev
- Purpose
- Background jobs and task scheduling
- Location
- United States
- Data
- Task payloads, job metadata
Upstash
- Purpose
- Serverless Redis database
- Location
- United States
- Data
- Session data, rate limiting data
Vercel Inc.
- Purpose
- Application hosting and CDN
- Location
- Global (edge network)
- Data
- Web application delivery
International Data Transfers
Some of our sub-processors are located outside of New Zealand and Australia. When we transfer personal data internationally, we ensure appropriate safeguards are in place, including:
- Standard Contractual Clauses (SCCs) approved by the European Commission
- Data Processing Agreements with each sub-processor
- Verification that sub-processors maintain appropriate security certifications
- Regular assessment of sub-processor security practices
For more information about how we protect your data, visit our Security & Trust page.
Questions about our sub-processors?
If you have any questions about our sub-processors or data processing practices, please contact our Privacy Officer.
Contact Privacy Officer