This page lists the third-party subprocessors that Youscale LLC d/b/a iClosed (“iClosed”, “we”, “us”) engages to process Customer Personal Data on behalf of customers when iClosed acts as a processor or service provider under our Data Processing Agreement (“DPA”).

This list is intended to support customer due diligence, privacy reviews, and GDPR/UK GDPR Article 28 transparency requirements. It does not include vendors that process personal data only where iClosed acts as a controller, such as billing, HR, finance, sales, marketing, or general internal business tools, unless those vendors also process Customer Personal Data on behalf of iClosed customers.

How iClosed uses subprocessors

Purpose limitation: Subprocessors are engaged only to support delivery, security, reliability, monitoring, analytics, or operation of the iClosed platform.
Contractual safeguards: Before a subprocessor processes Customer Personal Data, iClosed requires appropriate contractual, confidentiality, security, and data-protection commitments, including equivalent data-protection obligations where required by law.
Security review: iClosed evaluates subprocessors through its vendor management and security review process based on the nature of the service, data involved, and risk to customers.
International transfers: Where Customer Personal Data is transferred outside the EEA, UK, or Switzerland, iClosed relies on appropriate transfer safeguards, such as Standard Contractual Clauses, adequacy decisions, or other lawful transfer mechanisms, as applicable.

Updates and customer notice

iClosed may update this page from time to time as subprocessors are added, removed, or materially changed. Where required by our DPA or applicable law, iClosed will provide customers with notice of material changes to this list, generally at least 30 days before a new subprocessor begins processing Customer Personal Data, unless a shorter period is required for security, continuity, or emergency reasons. Customers may object to new subprocessors as described in the applicable DPA.

Current subprocessors

The table below identifies subprocessors currently used to provide, secure, monitor, or improve the iClosed platform.

Current subprocessors

The table below identifies subprocessors currently used to provide, secure, monitor, or improve the iClosed platform.

Cloud infrastructure & Transactional SMS

Subprocessor: Amazon Web Services, Inc. Processing activity / purpose: Cloud hosting, compute, storage, databases, backup, and infrastructure services for the iClosed platform. Transactional SMS via AWS SNS. Customer Personal Data processed: Customer account and platform data, system metadata, operational data, and logs necessary to provide and secure the service. Processing location: Europe / EU-EEA.

Transactional email

Subprocessor: Twilio Inc. (SendGrid). Processing activity / purpose: Transactional email delivery, including meeting confirmations, scheduling notifications, account alerts, and service-related communications. Customer Personal Data processed: Email addresses, names, account identifiers, scheduling or meeting-related details, and message delivery metadata. Processing location: United States.

Product analytics

Subprocessor: PostHog, Inc. Processing activity / purpose: Product analytics, in-app behavior analysis, feature flags, and session recording where enabled to improve product functionality and user experience. Customer Personal Data processed: Usage events, account or user identifiers, device/browser metadata, feature interaction data, and session interaction data, subject to minimization and access controls. Processing location: United States.

Monitoring and observability

Subprocessor: Datadog, Inc. Processing activity / purpose: Application performance monitoring, logging, infrastructure monitoring, alerting, and operational observability. Customer Personal Data processed: System telemetry, application logs, performance metrics, IP addresses, error metadata, and limited customer/account identifiers where necessary for monitoring and incident response. Processing location: Europe.

Backend error tracking

Subprocessor: Functional Software, Inc. (Sentry). Processing activity / purpose: Backend error tracking and application performance monitoring. Customer Personal Data processed: Error events, stack traces, request metadata, technical identifiers, and limited user/account identifiers where necessary to diagnose and resolve service issues. Processing location: United States.

Frontend error tracking

Subprocessor: SmartBear Software Inc. (Bugsnag). Processing activity / purpose: Frontend error tracking, crash reporting, and stability monitoring for customer-facing application experiences. Customer Personal Data processed: Browser/device metadata, frontend error reports, page/session metadata, and limited user/account identifiers where necessary to diagnose and resolve service issues. Processing location: United States.

Cloud infrastructure & Transactional SMS

Subprocessor: Amazon Web Services, Inc.
Processing activity / purpose: Cloud hosting, compute, storage, databases, backup, and infrastructure services for the iClosed platform. Transactional SMS via AWS SNS.
Customer Personal Data processed: Customer account and platform data, system metadata, operational data, and logs necessary to provide and secure the service.
Processing location: Europe / EU-EEA.

Transactional email

Subprocessor: Twilio Inc. (SendGrid).
Processing activity / purpose: Transactional email delivery, including meeting confirmations, scheduling notifications, account alerts, and service-related communications.
Customer Personal Data processed: Email addresses, names, account identifiers, scheduling or meeting-related details, and message delivery metadata.
Processing location: United States.

Product analytics

Subprocessor: PostHog, Inc.
Processing activity / purpose: Product analytics, in-app behavior analysis, feature flags, and session recording where enabled to improve product functionality and user experience.
Customer Personal Data processed: Usage events, account or user identifiers, device/browser metadata, feature interaction data, and session interaction data, subject to minimization and access controls.
Processing location: United States.

Monitoring and observability

Subprocessor: Datadog, Inc.
Processing activity / purpose: Application performance monitoring, logging, infrastructure monitoring, alerting, and operational observability.
Customer Personal Data processed: System telemetry, application logs, performance metrics, IP addresses, error metadata, and limited customer/account identifiers where necessary for monitoring and incident response.
Processing location: Europe.

Backend error tracking

Subprocessor: Functional Software, Inc. (Sentry).
Processing activity / purpose: Backend error tracking and application performance monitoring.
Customer Personal Data processed: Error events, stack traces, request metadata, technical identifiers, and limited user/account identifiers where necessary to diagnose and resolve service issues.
Processing location: United States.

Frontend error tracking

Subprocessor: SmartBear Software Inc. (Bugsnag).
Processing activity / purpose: Frontend error tracking, crash reporting, and stability monitoring for customer-facing application experiences.
Customer Personal Data processed: Browser/device metadata, frontend error reports, page/session metadata, and limited user/account identifiers where necessary to diagnose and resolve service issues.
Processing location: United States.

Cloud infrastructure & Transactional SMS

Subprocessor: Amazon Web Services, Inc.
Processing activity / purpose: Cloud hosting, compute, storage, databases, backup, and infrastructure services for the iClosed platform. Transactional SMS via AWS SNS.
Customer Personal Data processed: Customer account and platform data, system metadata, operational data, and logs necessary to provide and secure the service.
Processing location: Europe / EU-EEA.

Transactional email

Subprocessor: Twilio Inc. (SendGrid).
Processing activity / purpose: Transactional email delivery, including meeting confirmations, scheduling notifications, account alerts, and service-related communications.
Customer Personal Data processed: Email addresses, names, account identifiers, scheduling or meeting-related details, and message delivery metadata.
Processing location: United States.

Product analytics

Subprocessor: PostHog, Inc.
Processing activity / purpose: Product analytics, in-app behavior analysis, feature flags, and session recording where enabled to improve product functionality and user experience.
Customer Personal Data processed: Usage events, account or user identifiers, device/browser metadata, feature interaction data, and session interaction data, subject to minimization and access controls.
Processing location: United States.

Monitoring and observability

Subprocessor: Datadog, Inc.
Processing activity / purpose: Application performance monitoring, logging, infrastructure monitoring, alerting, and operational observability.
Customer Personal Data processed: System telemetry, application logs, performance metrics, IP addresses, error metadata, and limited customer/account identifiers where necessary for monitoring and incident response.
Processing location: Europe.

Backend error tracking

Subprocessor: Functional Software, Inc. (Sentry).
Processing activity / purpose: Backend error tracking and application performance monitoring.
Customer Personal Data processed: Error events, stack traces, request metadata, technical identifiers, and limited user/account identifiers where necessary to diagnose and resolve service issues.
Processing location: United States.

Frontend error tracking

Subprocessor: SmartBear Software Inc. (Bugsnag).
Processing activity / purpose: Frontend error tracking, crash reporting, and stability monitoring for customer-facing application experiences.
Customer Personal Data processed: Browser/device metadata, frontend error reports, page/session metadata, and limited user/account identifiers where necessary to diagnose and resolve service issues.
Processing location: United States.

Questions

For questions about this list, iClosed subprocessors, or data processing practices, please contact privacy@iclosed.io.