Legal
Sub-processors
This page lists third parties that process personal data on our behalf when you use the AmbassadorFlow platform (including the Shopify app, WooCommerce plugin, and Ambassador Center). It supplements our Privacy Policy.
Summary
| Sub-processor | Purpose | Data processed | Location | Privacy policy |
|---|---|---|---|---|
| Hetzner Online GmbH | Cloud hosting (application servers, databases, file storage) | All data stored in the AmbassadorFlow application | European Union (primary); United States (where used for specific stacks) | hetzner.com/legal/privacy-policy |
| Twilio SendGrid | Transactional email delivery | Recipient email address, message content (may include name and referral codes) | United States — EU Standard Contractual Clauses (SCCs) apply | twilio.com/legal/privacy |
| Stripe Payments Europe Ltd | Platform subscription billing for non-Shopify Clients (WooCommerce and direct sign-up) | Client billing contact, payment metadata, card last four digits and expiry (full card numbers are processed directly by Stripe, not stored by us) | Ireland / United States — EU Standard Contractual Clauses (SCCs) apply | stripe.com/privacy |
| MillionVerifier | Real-time email validation on referral join-page signup (when enabled by merchant) | Email address submitted at signup | European Union / United States (SaaS provider) | millionverifier.com/privacy-policy |
| Shopify Inc. | E-commerce platform integration — orders, customers, checkout, mandatory GDPR webhooks, shop metafields | Customer and order data as configured by the merchant’s Shopify store; webhook payloads for GDPR requests | Global (merchant store region) | shopify.com/legal/privacy |
Hetzner Online GmbH
Hosts the AmbassadorFlow application and MySQL databases. Data is encrypted in transit (TLS). Access is restricted to authorised operations staff. Privacy policy: hetzner.com/legal/privacy-policy.
Twilio SendGrid
Delivers system emails (account notifications, GDPR export delivery to merchants) and merchant-branded emails to referral ambassadors (reward codes, programme messages). Merchants may authenticate their own sending domain via SendGrid. Privacy policy: twilio.com/legal/privacy.
Stripe Payments Europe Ltd
Processes subscription payments for Clients who sign up outside the Shopify App Store billing flow (for example WooCommerce merchants and direct registrations on go.ambassadorflow.com). Stripe receives payment card details directly; AmbassadorFlow stores only a payment token and limited billing metadata. Stripe is not used to process End Customer (referral programme) data and is not engaged for Shopify App Store subscription charges (those are billed by Shopify). Privacy policy: stripe.com/privacy.
MillionVerifier
Optional fraud-prevention check when a customer signs up to a merchant’s referral programme on the join page. Only the email address is sent to MillionVerifier. Merchants can disable this in Security & Anti-Fraud settings. Privacy policy: millionverifier.com/privacy-policy.
Shopify Inc.
When a merchant installs the AmbassadorFlow app on Shopify, we receive and process customer and order data via Shopify’s APIs and webhooks (including customers/data_request, customers/redact, and shop/redact for GDPR compliance). We may write short-lived shop metafields (for example a pre-rendered thank-you page offer) keyed by a hashed email identifier with a maximum retention of 24 hours.
Shopify acts as the merchant’s platform provider; the merchant’s relationship with Shopify is governed by Shopify’s own terms and privacy policy.
Changes
We will update this page when we add or replace sub-processors. Material changes will be reflected in our Privacy Policy.
Questions: support@ambassadorflow.com