engageSPARK Subprocessors

Last updated: June 15, 2026

This list identifies the Subprocessors engaged by engageSPARK to process Contact Personal Information (CPI) on behalf of its Customers, as defined in the Data Processing Agreement (DPA).

Updates. engageSPARK will provide notice of new Subprocessors in accordance with the DPA.

Name,

Privacy policy or GDPR statement

Purpose

Country

Shared data

Transfer safeguard

Anthropic, PBC

https://www.anthropic.com/legal/commercial-terms

https://www.anthropic.com/legal/data-processing-addendum

AI features

United States

CPI Processed by the Services’ AI features.

EU-US Data Privacy Framework (DPF), UK Extension to the EU-US DPF, Swiss-US DPF; SCCs as fallback.

Cloudflare, Inc.

https://www.cloudflare.com/trust-hub/gdpr/

Infrastructure & Security

United States

CPI transiting our public endpoints.

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback.

Fireflies.AI Corp.

https://fireflies.ai/data-processing-agreement

Customer support

United States

CPI only if Customer sends CPI to engageSPARK via this channel (which Customer should not do — see the DPA’s terms on Out-of-Service Materials).

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback.

Google LLC / Google Cloud EMEA Limited

https://cloud.google.com/privacy/gdpr

Infrastructure, Security, and AI features

Germany,

United States

CPI Processed by the Services.

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback. Primary service data and voice recordings remain in the EU.

Hetzner Online GmbH

https://www.hetzner.com/AV/DPA_en.pdf

Infrastructure & Security

Germany

CPI Processed by the Services.

EU/EEA processing, no restricted transfer for EU, UK (UK–EEA adequacy), or Switzerland (Swiss-EEA adequacy).

Intercom, Inc.

https://www.intercom.com/legal/data-processing-agreement

Customer support

United States

CPI only if Customer sends CPI to engageSPARK via this channel (which Customer should not do — see the DPA’s terms on Out-of-Service Materials).

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback.

Mailgun Technologies, Inc. (Sinch)

https://www.mailgun.com/gdpr/

Email

United States

CPI Processed by the Services’ Email action features.

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback.

Aivision Products SRL (MeetGeek)

https://meetgeek.ai/data-processing-agreement

Customer support

Romania

CPI only if Customer sends CPI to engageSPARK via this channel (which Customer should not do — see the DPA’s terms on Out-of-Service Materials).

EU/EEA processing, no restricted transfer for EU, UK (UK–EEA adequacy), or Switzerland (Swiss-EEA adequacy).

Meta Platforms, Inc.

https://www.facebook.com/privacy/policy/

https://www.facebook.com/legal/terms/dataprocessing/

Customer support

United States

CPI only if Customer sends CPI to engageSPARK via this channel (which Customer should not do — see the DPA’s terms on Out-of-Service Materials).

EU-US DPF, Swiss-US DPF; SCCs as fallback (with UK IDTA for UK transfers, as Meta is not certified to the UK Extension).

Microsoft Corporation

https://privacy.microsoft.com/en-gb/privacystatement

(a) Customer support via Office365

(b) Azure AI features

United States, Germany

(a) CPI only if Customer sends CPI to engageSPARK via Office365 communication channels (which Customer should not do — see the DPA’s terms on Out-of-Service Materials).

We store the minimum necessary CPI on Office365 storage tools to help us provide customer support or provide the Services.

(b) CPI Processed by the Services’ AI features.

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback.

OpenAI, L.L.C.

https://openai.com/policies/services-agreement/

https://openai.com/policies/data-processing-addendum/

AI features

United States

CPI Processed by the Services’ AI features.

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback.

SentinelOne, Inc. (Scalyr)

https://www.sentinelone.com/legal/privacy-policy/

Infrastructure

United States

CPI only to the extent it appears in our Voice application logs.

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback.

Functional Software, Inc. (Sentry)

https://sentry.io/legal/dpa/

Infrastructure

United States

CPI only to the extent it appears in our UI logs.

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback.

Slack Technologies, LLC (Salesforce, Inc.)

https://slack.com/trust/compliance/gdpr

Internal communication

United States

We store the minimum necessary CPI in a dedicated channel with a 7-day auto-deletion policy to help us provide customer support or provide the Services.

EU-US DPF, UK Extension, Swiss-US DPF; SCCs as fallback.

Viber Media S.‡ r.l. (Rakuten Group)

https://www.viber.com/en/terms/viber-privacy-policy/

Customer support

Luxembourg

CPI only if Customer sends CPI to engageSPARK via this channel (which Customer should not do — see the DPA’s terms on Out-of-Service Materials).

EU/EEA processing, no restricted transfer for EU, UK (UK–EEA adequacy), or Switzerland (Swiss-EEA adequacy). Onward transfers within the Rakuten Group covered by Rakuten Group Binding Corporate Rules.

WhatsApp LLC,

WhatsApp Ireland Limited

https://www.whatsapp.com/legal/privacy-policy

https://www.whatsapp.com/legal/business-data-processing-terms

Customer support

Ireland,

United States

CPI only if Customer sends CPI to engageSPARK via this channel (which Customer should not do — see the DPA’s terms on Out-of-Service Materials).

Primary processing by WhatsApp Ireland in the EU/EEA. Onward transfers to WhatsApp LLC and Meta Platforms in the US under EU-US DPF, Swiss-US DPF; SCCs as fallback (with UK IDTA for UK transfers, as WhatsApp LLC and Meta are not certified to the UK Extension).