Tidyflow uses a limited number of trusted third-party service providers (“sub-processors”) to help us operate, secure, and improve the platform.
Sub-processors may process customer data solely for the purpose of providing services to Tidyflow. Each sub-processor is contractually required to implement appropriate technical and organizational security measures.
Infrastructure & Hosting
DigitalOcean
Purpose: Application hosting and infrastructure
Location: United States
Amazon Web Services (AWS)
Purpose: Secure database storage, file storage, and encrypted backups
Location: United States
Payments
Stripe
Purpose: Subscription billing and secure payment processing
Location: United States
Tidyflow does not store or process full payment card details. All payment information is handled directly by Stripe.
Email & Communications
Postmark
Purpose: Transactional email delivery (system notifications and alerts)
Location: United States
Google Workspace
Purpose: Internal communications and limited customer support correspondence
Location: United States
Missive
Purpose: Customer support email management
Location: United States
Authentication
Google Identity
Purpose: User authentication (OAuth login)
Location: United States
Microsoft Identity Platform
Purpose: User authentication (OAuth login)
Location: United States
Automation & Integrations
Make.com
Purpose: Workflow automation and system integrations
Location: European Union
Product Analytics
Microsoft Clarity
Purpose: Product usage insights and session analytics
Location: United States
Customer Communications
Loops
Purpose: Product onboarding and lifecycle email communications
Location: United States
Sub-processor Engagement
Tidyflow engages sub-processors to support the delivery of its services. Each sub-processor is bound by a written data processing agreement that includes confidentiality, security, and data protection obligations consistent with applicable data protection laws.
International Data Transfers
Tidyflow primarily operates using United States-based infrastructure. Where personal data is transferred outside a customer’s jurisdiction, we implement appropriate safeguards in accordance with applicable data protection regulations.
Customers may contact us for additional information regarding data transfer safeguards.
Updates to This List
We may update this list from time to time as our services evolve. The most current version will always be available on this page.
Contact
For questions regarding sub-processors or data handling practices, please contact [email protected].