GDPR Compliance

Last updated: 1st of Feb, 2023

Our privacy commitments

At Sunobi, we genuinely care about your privacy. We are ready to support you in your role as a data controller and committed to ensuring all personal data we hold and process is safe and secure. As part of this commitment we have undertaken steps to meet GDPR compliance, including:

  1. Not sharing personal data with third parties purely for analytics or advertising purposes.
  2. Automatically deleting any personal data that is no longer deemed required.
  3. Allowing users and organizations to delete the personal data they control.
  4. Providing data subjects with access to their personal data, if requested.
  5. Building in “privacy by design” as we develop and enhance the Sunobi product and services.  

Sunobi sub-processors

As outlined in our DPA, we may use third party service providers to assist us with data processing activities. Where we act as a data processor, these third parties are known as sub-processors. You will find a list of our sub-processors, along with the reason for processing and where the data is held below. From time to time, we may need to add or remove a sub-processor if we feel it is necessary.

  • Jira
    Used for managing and responding to customer support tickets.
    Data hosted in US.

  • Quickbase
    Our primary tool to capture and hold customer data.
    Data hosted in US.

  • Azure
  • Cloud computing services.
    Data hosted in US.
  • Linode
    Cloud computing services.
    Data hosted in US.
  • AWS S3
    Long-term log archive for audit logging purposes.
    Data hosted in US.

  • Slack
    Used by Sunobi for internal communications. Integrates with customer support tooling.
    Most data automatically deleted within 30 days. Data hosted in US.

  • Calendly / Zoom
    Used to book and conduct audio and video meetings, as well as online events and webinars.
    Data deleted upon request. Data hosted in US.

  • Google Service (G-suite)
    Used for email, internal communications and documentation.
    Data deleted upon request. Data hosted in US.

  • Mixpanel
    Used for engagement analytics in the app, allowing us to understand how features are used and make better product decisions.
    Does not contain identifiable personal information. Data hosted in EU.
  • Hubspot
    Used for usage analytics, email and phone conversations with our prospects and customers.
    Data deleted on request. Data hosted in US.
  • Mailchimp
    Used for sending non transactional emails.
    Data hosted in US.
  • Mailgun
    Used to send app emails.
    Data automatically deleted after 7 days. Data hosted in US.

  • Cloudinary
    Hosts images uploaded to Sunobi, such as client logos and people and user avatars.
    Contains Data deleted on request. Data hosted in US.

  • Cloudflare
    Used for Content Delivery Network (CDN) and Web Application Firewall (WAF) processing and securing all requests to the Sunobi application.
    Due to the nature of this globally distributed system, this data is processed closest to the user’s location. No customer data or personally identifiable information is stored in the service.

Things you should know

  1. Sunobi is headquartered in California, in the United States of America.
  2. Sunobi does not sell your personal data or information. Your personal information is not given to third parties for any external marketing purposes. However we may use it to send you information about Sunobi including product updates, features and offers.
  3. The Sunobi application and databases are hosted with Heroku in secure data centers in the EU.
  4. Our data is always transmitted securely over HTTPS, passwords are kept encrypted and database and software is regularly checked for any potential security issues.
  5. Sunobi keeps backup and logs for up to 18 months before they are automatically deleted. When you delete your Sunobi account, some Customer Data continues to be stored in backups for up to 18 months. Most will be deleted instantly.

What if I need more information, or have a special request?

We are continuously looking for ways to strengthen our privacy practices and improving our processes. If you are a Sunobi customer or partner and have any feedback, concerns or a special request about GDPR or privacy matters in general, please contact us at