Sub-processors
The following sub-processors process personal data on behalf of Booki7 to deliver the service. Each is bound by a written agreement imposing GDPR Art. 28 obligations equivalent to those Booki7 owes its customers, plus Standard Contractual Clauses where the recipient is outside the EU/EEA.
| Sub-processor | Purpose | Region | Transfer mechanism |
|---|---|---|---|
| Hetzner Online GmbH | Hosting the application server, database, backups | Falkenstein, Germany (EU) | EU — no transfer |
| Anthropic, PBC | Claude AI — conversation inference | USA | SCCs (Module 2) + Anthropic's commercial terms; data not used for training |
| OpenAI, L.L.C. | Voice-tier text-to-speech, and an optional alternative LLM, where the Voice call tier is enabled | USA | SCCs + OpenAI DPA terms; API data not used for training. Only activated when the Controller enables the Voice call tier |
| Stripe Payments Europe Ltd. | Payment processing for subscriptions | Ireland (EU); some processing transferred to Stripe Inc. (US) | SCCs + Stripe DPA |
| Twilio Ireland Ltd. | WhatsApp + voice telephony when those features are enabled | Ireland (EU); transferred to Twilio Inc. (US) | SCCs + Twilio DPA |
| SendGrid (Twilio) | Transactional email — booking confirmations, owner notifications | USA | SCCs + Twilio DPA — being migrated to AWS SES (EU) — see notes |
| Cloudflare, Inc. | Email forwarding (admin@booki7.com) | USA / global edge | SCCs + Cloudflare DPA |
| Meta Platforms Ireland Ltd. | Facebook Messenger inbound/outbound, when Messenger is enabled | Ireland (EU); processing also occurs at Meta Platforms Inc. (US) | SCCs + Meta Business DPA — Controller-side: visitor messages enter via the Controller's Facebook page, which the Controller manages directly |
| Deepgram, Inc. | Speech-to-text (Voice tier only — currently not GA) | USA | SCCs + Deepgram DPA — only activated when the Controller enables Voice |
| Google Ireland Ltd. | Google Calendar integration when the Controller enables it | Ireland (EU); transferred to Google LLC (US) | SCCs + Google Cloud DPA |
Notes
- Voice notes dictated onto a client record are transcribed by speech-to-text software self-hosted on Booki7's own EU server (Falkenstein, Germany): the audio is processed in memory, never leaves the EU, and is not sent to any third-party sub-processor. OpenAI is only an active sub-processor where the separate Voice call tier (OpenAI text-to-speech, with Deepgram) is enabled per-tenant, and only once the Controller turns it on.
- Email migration to AWS SES (Frankfurt, EU) is planned to remove SendGrid as a non-EU sub-processor. We will notify Controllers when this is complete and update this list.
- For the legal text of the European Commission Standard Contractual Clauses (Decision 2021/914), see eur-lex.europa.eu/eli/dec_impl/2021/914.
How to object to a new sub-processor
If you object to a planned change on reasonable data-protection grounds, email admin@booki7.com within 30 days of the notification. We will work with you to find an alternative; if we can't, you may terminate the affected service without penalty for the remainder of your billing period.