Sub-processors
Magpie Meetings engages certain third-party service providers ("sub-processors") to assist in providing the Service and processing data on behalf of our customers. This page lists all sub-processors we use, in compliance with our Data Processing Agreement and GDPR requirements.
1. What is a Sub-processor?
A sub-processor is a third-party service provider engaged by Magpie Meetings (the processor) to process personal data on behalf of our customers (the controllers). We ensure all sub-processors sign Data Processing Agreements and implement appropriate security measures.
2. Sub-processor List
The following sub-processors are currently engaged by Magpie Meetings:
2.1 Infrastructure and Hosting
Cloud Hosting Provider
- Service: Web hosting, database hosting, application infrastructure
- Data Processed: All customer and user data, including account information, scheduling data, appointments, and system logs
- Purpose: Host and operate the Magpie Meetings platform
- Location: Servers may be located in multiple regions (typically US, EU)
- Security: Industry-standard encryption, access controls, and compliance certifications
2.2 Authentication and Calendar Services
Google (Google LLC / Alphabet Inc.)
- Services: Google OAuth (authentication), Google Calendar API
- Data Processed:
- OAuth: Email address, name, profile information
- Calendar API: Calendar events, availability, meeting metadata
- Purpose: User authentication, calendar synchronization, conflict detection
- Location: Global (data centers worldwide)
- Privacy Policy: Google Privacy Policy
- Security: SOC 2/3, ISO 27001, GDPR compliant
2.3 Video Conferencing (Optional)
Zoom Video Communications, Inc.
- Service: Video meeting creation and management (if configured by user)
- Data Processed: Meeting details (title, date, time, duration), participant emails, Zoom meeting IDs
- Purpose: Generate video meeting links for scheduled appointments
- Location: Global (data centers worldwide)
- Privacy Policy: Zoom Privacy Policy
- Security: End-to-end encryption (for supported meetings), SOC 2, ISO 27001, GDPR compliant
- Note: Only used if you choose to enable Zoom integration
2.4 Communication Services
Transactional Email Provider
- Service: Email delivery for booking confirmations, reminders, and notifications
- Data Processed: Email addresses, names, appointment details, email content
- Purpose: Send transactional emails and notifications to users and invitees
- Location: Typically US or EU
- Security: TLS encryption, GDPR compliance, data processing agreements
SMS Provider (Optional)
- Service: SMS reminders and notifications (if configured by user)
- Data Processed: Phone numbers, appointment details, SMS message content
- Purpose: Send SMS reminders for upcoming appointments
- Location: Global
- Note: Only used if you choose to enable SMS reminders
2.5 Analytics and Monitoring
Error Monitoring and Performance Tracking
- Service: Application error tracking, performance monitoring
- Data Processed: Error logs, stack traces, user IDs (anonymized where possible), device information, browser data
- Purpose: Detect and diagnose technical issues, monitor application performance
- Location: Typically US or EU
- Security: Data encryption, access controls, GDPR compliance
2.6 Payment Processing (Future)
Note: Magpie Meetings is currently a free service. If we introduce paid features in the future, we will engage a payment processor (such as Stripe) and update this page accordingly with at least 30 days' notice.
3. Sub-processor Security and Compliance
All sub-processors engaged by Magpie Meetings must meet the following criteria:
- Data Processing Agreements: Sign DPAs that comply with GDPR Article 28
- Security Measures: Implement appropriate technical and organizational security measures
- Compliance: Comply with GDPR, CCPA, and other applicable data protection laws
- Audits: Undergo regular security audits and maintain relevant certifications (SOC 2, ISO 27001, etc.)
- Data Transfers: Use Standard Contractual Clauses (SCCs) or other approved mechanisms for international data transfers
4. Changes to Sub-processors
4.1 Notification
We will update this page at least 30 days before engaging a new sub-processor or making material changes to existing sub-processors. The "Last updated" date at the top of this page will reflect the most recent change.
4.2 Objection Rights
If you object to a new sub-processor on reasonable data protection grounds, you may:
- Contact us at legal@magpiemeetings.com within 30 days of the notification
- Request that we do not use the new sub-processor for your data
- Terminate your account in accordance with our Terms of Service if we cannot accommodate your objection
4.3 Notification Methods
We will notify you of sub-processor changes through:
- Updating this page with a new "Last updated" date
- Sending an email notification to your registered email address
- Posting a notice on the Service dashboard
5. Your Responsibilities
When you use Magpie Meetings, you acknowledge and agree that:
- Personal data you input may be processed by our sub-processors as listed above
- You have reviewed and accept the use of these sub-processors
- You are responsible for ensuring you have a legal basis to share data with Magpie Meetings and our sub-processors
- You will provide appropriate privacy notices to data subjects about third-party processing
6. International Data Transfers
Some sub-processors may process data outside the European Economic Area (EEA). We ensure all international transfers comply with GDPR through:
- Standard Contractual Clauses (SCCs): Approved by the European Commission
- Adequacy Decisions: Transfers to countries with adequate data protection (where applicable)
- Additional Safeguards: Supplementary measures as recommended by regulatory authorities
For details, see our Data Processing Agreement.
7. User-Controlled Integrations
Some integrations are optional and controlled by you:
- Google Calendar: You choose whether to connect your Google Calendar
- Zoom: You choose whether to enable Zoom integration
- SMS Reminders: You choose whether to enable SMS notifications
When you enable these integrations, you authorize Magpie Meetings to share relevant data with these sub-processors. You can revoke access at any time from your account settings.
8. Transparency and Accountability
We are committed to transparency about data processing. This sub-processor list is part of our broader accountability framework, which includes:
- Privacy Policy - How we collect and use data
- Data Processing Agreement - Our GDPR compliance commitments
- Security - Our security practices and measures
9. Contact Us
For questions about our sub-processors, data processing, or privacy practices, contact us at:
- Privacy Inquiries: privacy@magpiemeetings.com
- Legal Inquiries: legal@magpiemeetings.com
- General Support: support@magpiemeetings.com
For all contact options, visit our Contact page.