Subprocessors

Updated on January 23, 2024. All policies.

Bucket uses third party subprocessors, such as cloud computing providers and customer support software, to provide our services. We enter into GDPR-compliant data processing agreements with each subprocessor, extending GDPR safeguards everywhere personal data is processed.

Subprocessors are split into two groups:

Subprocessors used for data about you (our customer), which Bucket in GDPR terminology is the controller of.
Subprocessors used for data about your own customers/users, which Bucket in GDPR terminology is the processor of, and you are the controller of.

Our customers' data #

Bucket is the controller of data about you (our customer). This does not include data about your customers/users.

Google. Account authentication. US.
Google Analytics. Account authentication. US.
Confluent. Streaming service. EU.
Heroku. Server hosting. EU.
Heroku Postgres. Database hosting. EU.
Datadog. Performance monitoring. EU.
Mixpanel. Product analytics. EU.
Hubspot. CRM. EU.
Stripe. Payment processing and management. US.
Segment. We send data through Segment to various subprocessors. US.
Slack. Internal and external communication. US.
Bytescale. Static image hosting. US.
Loom. Video sharing. US.
Webflow. Web hosting. US.

Our customers' users' data #

We are a processor of data about your users/customers. We do not share or sell this data with any other providers. We only store it in our data center hosted with Amazon Web Services in the EU.

Confluent. Kafka queing. EU.
Ably. Real-time queing (IP address only). EU.
Altinity. Clickhouse database. EU.

This policy have been adapted from the Basecamp open-source policies.