Under the GDPR, a sub-processor is any business or contractor through which customer data may pass as a side effect of using the services of WordPressforGood.
We use partners for both technical and business processes that are critical to our customers having a quality experience.
Here is our list of sub-processors:
| Amazon AWS | USA/EU | Cloud Infrastructure for our backups |
| Stripe | USA | Customer payments/invoicing/subscriptions |
| ManageWP | EU | Site management |
| WaveApps | USA | Customer invoicing |
| Trello | USA | Project tracking |
| LastPass | EU/US/Swiss | Credential storage |
| Google, Inc | USA | Site analytics (web) and document sharing |
| BackBlaze | Cloud Backups | |
| Siteground | USA/EU | Website hosting statistics |
| Acuity scheduling | USA | Appointment booking |
The GDPR definition of sub-processor is very broad and includes some things you might simply consider “hardware”, such as cloud infrastructure. We’ve included all of the external companies we use for that reason.