Overview
EngageIQ engages third-party sub-processors to deliver specific components of the Services — such as hosting, email delivery, payments, and observability tooling. Every sub-processor is vetted before onboarding, bound by a data-processing agreement, and required to maintain security and privacy standards at least as protective as our own.
This page is the authoritative record of EngageIQ's current sub-processors. It is maintained in accordance with GDPR Art. 28(3)(d) and our contractual commitments to customers. The page is updated whenever a sub-processor is added, changed, or removed.
Infrastructure & Hosting
These sub-processors form the core of EngageIQ's technical infrastructure and handle the broadest set of customer and end-user data.
| Sub-processor | Purpose | Data processed | Location | Certifications |
|---|---|---|---|---|
| Amazon Web Services (AWS) | Cloud hosting, compute (EC2/ECS), managed PostgreSQL (RDS), object storage (S3), content delivery (CloudFront), key management (KMS), secrets management, load balancing | All customer data, end-user data, system logs, backups | USA (us-east-1 primary); EU (eu-west-1/eu-central-1 optional) | ISO 27001, SOC 1/2/3, PCI DSS, CSA STAR, FedRAMP |
| Amazon ElastiCache / Redis (AWS) | In-memory caching, rate-limit counters, session state | Session tokens (hashed), rate-limit keys, transient cache data — no persistent PII | Same AWS region as primary deployment | Within AWS SOC 2 scope |
| NATS.io (self-hosted on AWS) | Internal message bus for event streaming and async job processing | Internal system events and job payloads — no direct PII unless included in event payload | Same AWS region as primary deployment | Self-hosted; within AWS infrastructure controls |
Email Delivery
These sub-processors handle the transmission of email messages on behalf of EngageIQ customers.
| Sub-processor | Purpose | Data processed | Location | Certifications |
|---|---|---|---|---|
| Amazon Simple Email Service (AWS SES) | Outbound email relay, bounce and complaint processing, feedback-loop aggregation, sending-domain verification (DKIM/DMARC), dedicated IP warm-up | Recipient email addresses, message headers, subject lines, message body (for delivery), engagement events (opens, clicks, bounces, complaints) | USA (primary); EU (eu-west-1 available for EU-region customers) | ISO 27001, SOC 2, within AWS framework |
Message content and SES
Payments & Billing
| Sub-processor | Purpose | Data processed | Location | Certifications |
|---|---|---|---|---|
| Stripe, Inc. | Payment processing, subscription management, customer portal, invoice generation, fraud detection, tax calculation | Billing name, billing address, payment method metadata (last 4 digits, card type, expiry — no full card numbers stored by EngageIQ), email address, subscription and transaction records | USA (primary data processing); EU data residency available | PCI DSS Level 1, ISO 27001, SOC 1/2 |
EngageIQ never transmits or stores full payment card numbers. All cardholder data is tokenized by Stripe at the point of entry using Stripe.js and is handled exclusively within Stripe's PCI DSS-compliant environment.
Observability & Monitoring
| Sub-processor | Purpose | Data processed | Location | Certifications |
|---|---|---|---|---|
| Sentry (Functional Software, Inc.) | Application error monitoring, crash reporting, performance tracing, release tracking | Stack traces, error messages, request context (URL, HTTP method, user agent), environment metadata. PII is scrubbed before transmission via server-side filtering; no message bodies or contact data is sent to Sentry. | USA (default); EU region (sentry.io/eu) available and configured on request | ISO 27001, SOC 2 Type II |
Product Analytics
| Sub-processor | Purpose | Data processed | Location | Certifications |
|---|---|---|---|---|
| PostHog, Inc. | Product analytics — feature usage tracking, funnel analysis, session recording (disabled by default), A/B experiment assignment | Anonymized or pseudonymized event data: feature interactions, page views, button clicks, session duration. Authenticated user ID (hashed) where event attribution is needed. No raw contact data or campaign content. | EU (eu.posthog.com — EngageIQ is configured to use the EU-hosted PostHog instance) | ISO 27001, SOC 2 (in progress) |
EngageIQ uses PostHog in a privacy-preserving configuration: IP anonymization is enabled, session recording is disabled, and no personal data from customer contact lists is sent to PostHog.
Business Operations
These sub-processors support EngageIQ's internal business operations. They may process limited personal data (primarily name and business email of our customers' designated contacts) in the course of providing their services.
| Sub-processor | Purpose | Data processed | Location | Certifications |
|---|---|---|---|---|
| Google LLC (Google Workspace) | Internal email, document collaboration, calendar | Business contact information in internal communications. No customer end-user data is shared. | USA / EU (data-region controls configured) | ISO 27001, SOC 2/3 |
| Linear Orbit, Inc. (Linear) | Engineering issue tracking, bug reports, feature requests | Issue descriptions (which may include anonymized support case summaries). No PII from end-users. | USA | SOC 2 Type II |
Change Management & Objection Process
How we notify you of changes
When EngageIQ adds, replaces, or removes a sub-processor, we will:
- Update this page with the new sub-processor information and the effective date of the change.
- Send an email notification to the account's designated privacy or legal contact at least 30 days before the change takes effect (except for emergency changes needed to address a security risk).
- Post a changelog entry on this page recording all historical changes.
How to subscribe to notifications
To receive sub-processor change notifications by email, contact legal@engageiq.com and request to be added to the sub-processor notification list. Include your account email and the name of your organization.
How to object
Customers who have executed a DPA with EngageIQ may object to the addition of a new sub-processor by submitting written notice to legal@engageiq.com within the 30-day notification period. The objection must describe the specific legitimate grounds for the objection (e.g., the new sub-processor is located in a jurisdiction without adequate protections and no transfer mechanism exists).
We will work in good faith to address your objection. If we are unable to accommodate it and you cannot continue using the Services, you may terminate the affected portion of your subscription without penalty within the 30-day notice period.
Emergency sub-processor changes
Sub-processor Change Log
A record of all changes to EngageIQ's sub-processor list since publication.
| Date | Sub-processor | Change | Reason |
|---|---|---|---|
| June 12, 2026 | All listed above | Initial publication | First public sub-processor list published at platform launch |
Read next