Legal

Sub-processors.

Last updated: May 13, 2026

Billet Systems LLC engages the following third-party Sub-processors to provide the Service. Each Sub-processor is contractually bound to handle Personal Data in accordance with applicable data protection law and our agreements with them, with protections no less stringent than those in our Data Processing Addendum.

For the legal framework governing Sub-processing, see DPA §6 (Sub-processors). For the data we collect and how we use it, see our Privacy Policy.

Current Sub-processors

Hetzner Online GmbH

Purpose: Cloud hosting and PostgreSQL database infrastructure

Location: Ashburn, Virginia, United States

Privacy: https://www.hetzner.com/legal/privacy-policy

Amazon Web Services (AWS S3)

Purpose: Photo and file storage

Location: United States

Privacy: https://aws.amazon.com/privacy/

Cloudflare, Inc.

Purpose: CDN, DNS, Web Application Firewall, marketing website hosting (Cloudflare Pages), and object storage (Cloudflare R2 — phasing in)

Location: Global (US-headquartered)

Privacy: https://www.cloudflare.com/privacypolicy/

Stripe, Inc.

Purpose: Payment processing, subscription billing, Pay Now, and Tap-to-Pay via Stripe Terminal. PCI-DSS Level 1 certified.

Location: United States, with global processing infrastructure

Privacy: https://stripe.com/privacy

Twilio, Inc.

Purpose: SMS messaging for two-factor authentication, password reset, account-setup links, driver delivery alerts, customer signature requests, and proof-of-delivery confirmations

Location: United States, with global SMS routing infrastructure

Privacy: https://www.twilio.com/legal/privacy

Postmark (ActiveCampaign LLC)

Purpose: Transactional email delivery — proof of delivery, password resets, signature requests, receipts, trial reminders, billing notifications

Location: United States

Privacy: https://postmarkapp.com/eu-privacy

OneSignal, Inc.

Purpose: Push notification orchestration and delivery to iOS and Android devices

Location: United States, with delivery via Apple APNs and Google FCM

Privacy: https://onesignal.com/privacy_policy

Anthropic, PBC

Purpose: Claude AI used to automatically parse uploaded documents (PDFs, CSVs) into structured ticket data and to detect field mappings during integration setup. Personally identifiable information is redacted before transmission where feasible. Anthropic does not retain this data for training.

Location: United States

Privacy: https://www.anthropic.com/legal/privacy

Functional Software, Inc. (Sentry)

Purpose: Application error monitoring and crash reporting for the authenticated dashboard and mobile app

Location: United States

Privacy: https://sentry.io/privacy/

Google LLC

Purpose: Google Routes API for multi-stop route optimization (Standard tier and above only)

Location: United States

Privacy: https://policies.google.com/privacy

UptimeRobot Service Provider Ltd

Purpose: External uptime monitoring of api.billetsystems.com and app.billetsystems.com; powers the public status page at billetsystems.com/status. Monitors public availability only; no Customer data is transmitted.

Location: United States / Global

Privacy: https://uptimerobot.com/privacyPolicy/

Apple Inc.

Purpose: Apple Push Notification service (APNs) for iOS push notification delivery (used by OneSignal as the underlying delivery mechanism for iOS devices)

Location: United States

Privacy: https://www.apple.com/legal/privacy/

ipapi.co

Purpose: Approximate IP-based geolocation used for currency auto-detection at signup and for security monitoring (abuse detection, suspicious login alerts). IP addresses are sent; no other personal data.

Location: European Union

Privacy: https://ipapi.co/privacy/

Subscribe to Sub-processor Change Notifications

Billet will provide at least thirty (30) days' prior notice before adding or replacing any Sub-processor that processes Personal Data on behalf of a Customer. Notice is sent to account administrators via email by default.

If you would prefer notice be sent to a separate procurement, security, or privacy team address — or if you are not yet a Customer but want to be on the notification list — send a one-line email to [email protected] with subject "Subprocessor notification list."

Subscribe via email

Objection to a New Sub-processor

If you object to a proposed new Sub-processor on reasonable grounds related to the protection of Personal Data, reply to the notification email within the 30-day notice period. If the parties cannot reach agreement, the Customer may terminate the affected portion of the Service with no liability for unused prepaid fees, prorated from the effective date of the new Sub-processor, as set out in DPA §6.