Legal.
The information provided here is for Profyle customers and users who have questions about our terms, policies, intellectual property, and compliance.
Subprocessors
Effective Date: 8th January 2026
Last Update: 6th February 2026
The Processor shall only use the Subprocessors listed below.
| Name of Subprocessor | Entity type | Data location | Data transfer mechanism | |
|---|---|---|---|---|
 | Google Cloud EMEA Limited | Cloud Infrastructure | EEA | SSL Secured APIs |
 | Algolia, Inc. | Elastic Search Provider | London, UK* | SSL secured APIs |
 | Mailgun | Email mailing list and email sending provider | EEA | SSL Secured APIs |
 | Stripe | Payments Processor | EEA | SSL Secured APIs |
 | Google Analytics | Analytics Provider | US | SSL Secured APIs and SCC** |
 | Pipedrive | CRM Provider | EEA (AWS) | SSL Secured APIs and 2FA logins |
 | Bitbucket | Version Control | US | SSL Secured APIs and SCC* |
* Transfers to UK permitted under EU-UK adequacy decision
** Transfers to US require Standard Contractual Clauses as per Section 12.4
Notes on Data Transfers:
- EEA locations: No additional transfer mechanism required
- UK locations: Covered by EU-UK adequacy decision (Commission Implementing Decision (EU) 2021/858) and UK adequacy regulations
- Other locations: Appropriate safeguards implemented as per Section 12
- All transfers use encrypted connections (SSL/TLS)