What is a sub-processor?
A sub-processor is a third party ChargeBell engages to process personal information on behalf of ChargeBell or a ChargeBell customer while providing the service. This page identifies our current material providers, their purpose, the data involved, and their general processing location.
Customer-directed integrations are different. Slack is the platform a customer chooses as the destination for ChargeBell messages, and a connected Stripe account is a source the customer instructs ChargeBell to access. Those providers also process information under their own agreements with the customer. Stripe is listed below because ChargeBell separately uses Stripe for ChargeBell's own subscription billing.
How we select and manage providers
- We assess whether a provider's privacy, security, confidentiality, availability, and data-handling practices are appropriate for the service it performs and the sensitivity of the information involved.
- We provide each provider only the information reasonably necessary for its assigned function and use provider access controls and configuration options where available.
- We use applicable provider terms, data-processing terms, and transfer safeguards and require providers to protect information consistently with their role and applicable law.
- We periodically reconsider material providers when the service, risk, or legal requirements change and remove access when it is no longer needed.
- We update this page when a material sub-processor is added or replaced. Where a contract or law requires advance notice, we will provide it through the agreed notice channel.
Cloudflare, Inc.
Purpose: Cloud hosting and edge request processing through Cloudflare Workers; application storage through D1 and Workers KV; transactional email delivery; network security; and operational logs and observability.
Data: Account, authentication, organization, integration, OAuth credential, alert, delivery, billing-status, support-routing, request, and security-log information needed to operate ChargeBell. Cloudflare processes password-reset email addresses and message content when delivering those emails.
Location: Cloudflare's global network. ChargeBell's current primary D1 database reports Eastern North America and is not restricted to a specific jurisdiction; Workers and KV may process or cache information in multiple locations.
Stripe, Inc.
Purpose: ChargeBell subscription checkout, payment processing, billing customer and subscription management, invoices, taxes, renewals, cancellations, and billing support. Stripe may act as merchant of record for eligible ChargeBell purchases. Separately, customers may direct ChargeBell to connect to their own Stripe account for alerting.
Data: Billing contact and customer identifiers, checkout and payment status, plan, subscription, invoice, tax, renewal, and cancellation information. For customer-directed Stripe connections, Stripe also exchanges connected-account OAuth and event information described in the Privacy Policy.
Location: United States and other locations described by Stripe's privacy and data-transfer documentation.
Google LLC
Purpose: Optional Google OAuth authentication and account linking when a user chooses Sign in with Google.
Data: Google account identifier, name, email address, profile image, OAuth tokens, token expiry, and authentication scopes returned for the sign-in flow.
Location: United States and other locations described by Google's privacy and data-transfer documentation.
Questions and objections
For questions about this list or the information a provider processes, email privacy@chargebell.com. If your agreement with ChargeBell provides a right to object to a new sub-processor, submit the objection through that address within the period stated in your agreement and explain the reasonable data-protection concern.