Subprocessors

March 20, 2026

Below we publish the current list of subprocessors used by Terminka in providing services to Partners and Clients. These entities may process personal data on our behalf only to the extent necessary to provide services, maintain infrastructure, analytics, login, send SMS and e-mail messages, handle forms, CRM, and paid features available to Partners.

Where data is transferred outside the European Economic Area, we apply appropriate safeguards required by GDPR, including standard contractual clauses (SCC), where required.

Active in production

Google LLC / Google Ireland Ltd.
Scope of services: Google Analytics, Firebase Analytics, Google Sign-In.
Purpose of processing: product and traffic analytics, analysis of events in the app and service, user authentication via Google account.
Categories of data: device and user identifiers, app and web events, device metadata, e-mail address, first and last name (if shared during sign-in), Google account identifier, technical data related to authorization.
Location/transfer: EU/EEA and USA.
Transfer mechanism: SCC + Google DPA.
Status: active.

Mixpanel, Inc.
Scope of services: product analytics.
Purpose of processing: analysis of events, funnels, retention, and use of app features.
Categories of data: technical identifiers, app events, timestamps, product usage data.
Location/transfer: EU/EEA and USA.
Transfer mechanism: SCC + Mixpanel DPA.
Status: active.

Apple Inc. / Apple Distribution International Ltd.
Scope of services: Sign in with Apple.
Purpose of processing: user authentication in the iPhone app.
Categories of data: Apple user identifier, masked relay e-mail address or e-mail address shared by the user, technical data related to login.
Location/transfer: EU/EEA and USA.
Transfer mechanism: Apple mechanisms / SCC, if required.
Status: active.

SMS-fly
Scope of services: SMS gateway / SMS API for sending messages.
Purpose of processing: sending SMS messages related to bookings, reminders, and Partner-client communication.
Categories of data: phone number, SMS message content, delivery status, sending metadata.
Location/transfer: Poland / EU-EEA, in accordance with the provider’s infrastructure.
Transfer mechanism: applicable data protection terms of the provider; transfer outside the EEA only if resulting from the operator’s infrastructure.
Status: active.

Twilio Inc. / Twilio Ireland Limited
Scope of services: communication API, including SMS.
Purpose of processing: sending SMS messages and handling technical communication related to Terminka services.
Categories of data: phone number, SMS message content, delivery status, message identifiers, technical and routing metadata.
Location/transfer: EU/EEA and USA.
Transfer mechanism: SCC + Twilio data protection terms.
Status: active.

Stripe, Inc. / Stripe Payments Europe, Ltd.
Scope of services: payment processing for paid Terminka features and SMS Balance top-ups.
Purpose of processing: processing Partner payments for Subscription, Additional Services, and top-ups.
Categories of data: Partner identification data, payment and billing identifiers, transaction data, partial payment method data, technical metadata.
Location/transfer: EU/EEA and USA.
Transfer mechanism: SCC + Stripe data protection terms.
Status: active.

SendPulse Inc.
Scope of services: CRM, forms, e-mail automation, e-mail delivery, contact database management.
Purpose of processing: handling leads and contacts obtained through website forms, e-mail communication, marketing automation, and customer relationship management.
Categories of data: first and last name, e-mail address, phone number (if provided), company name, message content or data submitted through the form, contact status, communication and technical metadata.
Location/transfer: according to the provider’s infrastructure, transfer outside the EEA may occur.
Transfer mechanism: applicable data protection terms of the provider, including DPA or standard service terms, as well as SCC where required.
Status: active.

Notes and safeguards

  • We limit the scope of data to the minimum necessary to achieve the purpose of processing.
  • Depending on the cooperation model with a given provider, we apply appropriate data processing terms, including DPA, standard service terms, or other relevant data protection provisions.
  • Where data is transferred outside the EEA, we apply appropriate safeguards, including standard contractual clauses (SCC), where required.
  • Analytics is used solely to improve the operation of the app and the service.
  • Data used for login serves solely for authentication and user account handling.
  • SMS and e-mail providers process only the data necessary to carry out communication and delivery reporting.
  • Payment providers process only the data necessary to provide paid Terminka features and Partner billing with Terminka.

Changes to the list

If a new subprocessor is added or the scope of processing changes materially, we will update this page in accordance with the rules set out in the DPA.