The following table provides information on Highwire's subprocessors:
| Subproccesor | Purpose of Subprocessing | Data Categories | Safeguards |
| Amazon Web Services | Cloud infrastructure and hosting services | Personal identifiers, usage data, and authentication tokens | Standard Contractual Clauses (SCCs), ISO 27001, SOC 2 |
| Twilio SendGrid | Transactional and marketing email delivery | Email addresses, message content, and metadata | Standard Contractual Clauses (SCCs), ISO 27001, SOC 2 |
| Stripe | Payment processing (credit cards, billing) | Names, billing info, credit card numbers (tokenized), and email | PCI DSS Level 1, SCCs |
| Atlassian | Issue tracking, bug management, and internal project data | Internal user information, ticket data, attachments | Standard Contractual Clauses (SCCs), ISO 27001, SOC 2 |
| Slack | Internal team communication and collaboration | Message content and uploaded files | Standard Contractual Clauses (SCCs), ISO 27001, SOC 2 |
| HubSpot | CRM and marketing automation | Customer contact info, activity logs, and forms data | SCCs, ISO 27001, Data Privacy Framework |
| Zendesk | Customer support platform | User names, contact info, support tickets, and chat data | Standard Contractual Clauses (SCCs), ISO 27001, SOC 2 |
All subprocessors listed above are engaged solely to deliver core business functions.
Transfers outside the EU are subject to the European Commission's Standard Contractual Clauses (SCCs) or equivalent safeguards as detailed in the Highwire Data Processing Addendum.
Data minimization, encryption in transit/rest, and access controls are enforced according to best practices and Highwire's certifications under ISO/IEC 27001:2022, and AICPA SOC2, Type I.