Third party sub-processors
Last updated 25th January 2021
As your service provider and data processor we use a number of sub-processors to help us provide your event ticket shop to your customers. Details of the sub-processors we use which process ticket buyer and event attendee data are listed below. We have GDPR compliant data processing agreements in place with all sub-processors.
| Service | What we use them for | International transfers and transfer safeguards |
|---|---|---|
| Amazon Web Services EMEA SARL (AWS Europe) | Hosting, database, and backup infrastructure. We only use AWS Europe infrastructure located in Dublin, Ireland (eu-west-1). The data is encrypted at rest and in transit. | EEA/UK: any transfers of data to and from the UK and the EEA are covered by adequacy decisions. US: If any transfer of data to AWS in the US occurs, the EU SCCs or the UK Addendum to the EU SCCs apply (as applicable). The data is encrypted at rest and in transit and the AWS supplemental measures apply. |
| MessageBird USA Inc. (SparkPost) | Email sending infrastructure. When emails are sent out from Ticket Tailor (such as a ticket email, or a contact form message), we use MessageBird (SparkPost) to send them. We only use MessageBird (SparkPost) infrastructure located physically within the European Union. | Transfers outside of: EEA: are undertaken pursuant to the EU 2021 SCCs. UK: are undertaken pursuant to the EU 2010 SCCs. All personal data is encrypted in transit and at rest. |
| Cloudflare Inc. | DNS, caching and additional security tools. This allows us to deliver a fast responding website, minimising downtime, whilst also protecting ourselves from malicious attacks. Cloudflare has data centres around the world, so your location determines which of their servers are used. | Transfers outside of:
EEA: are undertaken pursuant to the EU 2021 SCCs.
UK: are undertaken pursuant to the EU 2010 SCCs whilst still a lawful mechanism following which the UK Addendum to the EU SCCs will apply.
Cloudflare implements encryption to protect personal data. |
| Stripe - if you select this as your chosen payment processor | Payment processing for your Products. Stripe processes personal data as both controller and processor. Stripe infrastructure is located physically within the European Union but personal data may be transferred to other countries, including to the US. | Transfer outside of the EEA/UK are undertaken pursuant to the EU 2021 SCCs. Stripe encrypts data at rest and in transit and uses supplementary measures to protect data. |
| PayPal - if you select this as your chosen payment processor | Payment processing for your Products. PayPal processes personal data as a controller: see PayPal Privacy Statement. PayPal infrastructure is located in the United States | See Paypal Privacy Statement |
| Square - if you select this as your chosen payment processor | Payment processing for your Products. Square processes personal data as both controller and processor: see Square Privacy Statement. Square infrastructure is located physically within the European Union but personal data may be transferred to other countries, including to the US. | See Square Privacy Statement |
For more information about Ticket Tailor and GDPR compliance, please click here.