GDPR

Steady is fully compliant with the EU General Data Protection Regulation (GDPR).

GDPR adds new requirements regarding how companies should protect the data that they process. While we’ve always been compliant from a technical perspective, we’ve also updated our Privacy Policy to reflect our compliance with these requirements. In addition, below you’ll find information about our sub-processors and our Data Processing Addendum (DPA).

Data Processing Addendum

The Data Processing Addendum (DPA) to our Terms of Service details the rights and responsibilities for the processing and security of customer data.

Sub-processors

Steady uses third party sub-processors, such as cloud computing providers and customer support software, to provide our application to our customers. We enter into GDPR-compliant data processing agreements with each sub-processor, extending GDPR safeguards everywhere personal data is processed.

Here’s our list of sub-processors. All of the data is processed in the United States.

• Amazon Web Services - infrastructure hosting
• Bugsnag - error reporting service
• Cloudflare - security and DNS services
• Google - web analytics, infrastructure hosting, LLM inference
• Help Scout - customer support services
• Heroku - infrastructure hosting
• Loops - email delivery
• New Relic - application performance monitoring
• Postmark - transactional email delivery
• Plausible - web analytics service
• ProfitWell - payment analytics service
• Stripe - payment processing service
• Twilio - text message delivery

More Information

Contact us anytime for additional details.