APPENDIX NO. 2 – LIST OF SUB-PROCESSORS
Timerise uses verified third-party service providers (“Sub-Processors”) to support the provision of the Services.
Each Sub-Processor has been evaluated for compliance with GDPR and industry-standard security practices.
| Sub-Processor | Registered Office / Location | Purpose of Processing | Legal Safeguard |
|---|---|---|---|
| Google Cloud Platform (Frankfurt Region – europe-west3) | Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland | Primary hosting infrastructure, database storage, and backups. All Timerise production servers are located in Frankfurt, Germany (EEA). | Data stored and processed exclusively within the EEA; GDPR-compliant processing under Google’s DPA |
| Cloudflare, Inc. | 101 Townsend St, San Francisco, CA 94107, USA | Network security, CDN, and DDoS protection | SCCs / Cloudflare Data Processing Addendum |
| SendGrid (Twilio Inc.) | 101 Spear Street, San Francisco, CA 94105, USA | Transactional and notification e-mails | SCCs / Data Processing Addendum |
| Stripe Payments Europe Ltd. | 1 Grand Canal Street Lower, Dublin 2, Ireland | Payment processing and invoicing (if applicable) | Data processed within EEA; SCCs for global access if required |
| Timerise Affiliates and Contractors | EU-based | Maintenance, technical support, and platform development | Bound by intra-group DPA and confidentiality agreements |
| Google Analytics (optional) | Google Ireland Limited, Gordon House, Barrow Street, Dublin 4, Ireland | Anonymous traffic analysis and performance metrics | IP anonymization enabled; SCCs for any cross-border transfers |
1. Addition or Replacement of Sub-Processors
Timerise may update this list from time to time.
Controllers will be notified in advance of any intended addition or replacement of Sub-Processors and may object in accordance with Section 7 of the DPA.
2. Security and Compliance
All Sub-Processors engaged by Timerise:
- operate under written agreements consistent with GDPR requirements,
- implement appropriate technical and organizational measures,
- are regularly reviewed for compliance and security posture.
3. Contact
For questions or objections regarding Sub-Processors, please contact: