Last updated: 2026-04-30
_Last updated: April 30, 2026_
To deliver DTPulse we use a small number of third-party providers ("Sub-processors") that may process Customer Data on our behalf. Each one is bound by a written contract that limits their use of personal data to providing services to us.
This page lists every Sub-processor in use today. We will update it before adding a new one whose access to Customer Data is non-trivial.
| Provider | Purpose | Data accessed | Region |
|---|---|---|---|
| Railway | Application hosting and managed PostgreSQL database for dtpulse.com. | All Customer Data and Other Information stored at rest. | US (Google Cloud) |
| Stripe | Payment processing for paid subscriptions. | Billing email, company name, country, VAT/tax ID. Card numbers go directly to Stripe and never reach our servers. | US |
| Resend | Transactional email (invites, password reset, approval notifications, billing receipts). | Recipient email address, sender, subject, plain-text and HTML body. | US |
| Sentry | Error monitoring (server-side exceptions and selected client errors). | Stack traces, request URL, user-agent, internal user/tenant IDs. We strip emails and bodies. | US / EU |
| Cloudflare | DNS, TLS termination, edge cache, basic DDoS protection in front of dtpulse.com. | IP address, request metadata. Cloudflare does not see decrypted Customer Data because TLS is terminated on the edge and re-encrypted to origin. | Global edge |
| GitHub Container Registry | Hosts the Docker images that get deployed. Build artifacts only — no Customer Data. | None | US |
| Provider | When activated | Data accessed |
|---|---|---|
| Slack | When an admin connects the Slack integration. | Workspace ID, channel list, OAuth tokens (encrypted at rest), and the content of messages we post on your behalf (e.g. approval requests, daily digests). |
| When SSO with Google is enabled. | Email, name, profile photo of users who sign in via Google. | |
| Microsoft Teams | When the Teams integration is enabled (where available). | Tenant ID, channel list, OAuth tokens, message content posted on your behalf. |
| Google Chat | When the Google Chat integration is enabled. | Workspace ID, space list, OAuth tokens, message content posted on your behalf. |
| SendGrid | If a Customer configures custom SMTP via SendGrid. | Same as Resend. |
If your workspace has none of these integrations enabled, none of the optional Sub-processors process Customer Data.
If we add a new Sub-processor with non-trivial access to Customer Data, we will update this page and, where practical, send Customers an email at least 14 days before the new Sub-processor begins processing.
If you have a written DPA with us, you may object in writing to a new Sub-processor under the conditions described in the DPA. Contact [email protected].