RevPal Corp. ("RevPal", "we", "us") uses a number of third-party service providers ("Sub-Processors") to carry out certain processing of personal data on behalf of our clients. This list provides transparency and helps you understand who is handling data, for what purpose, and where.
Why we maintain this list
Under applicable data protection laws (such as the General Data Protection Regulation ("GDPR"), the California Consumer Privacy Act ("CCPA/CPRA"), and the UK GDPR), when a Processor engages a Sub-Processor, the Controller must have visibility and (in our case) the ability to raise concerns.
This page is the definitive list of our authorized Sub-Processors. We update it when changes occur.
How changes are handled
We post updates to this page when we add or remove Sub-Processors, including the effective date of the change.
If you (as our client) have legitimate concerns about a specific Sub-Processor listed here, please raise them in writing within 10 business days of the change.
If we cannot reasonably accommodate your concerns, the affected service may be terminated (per the terms of our Data Processing Agreement).
Current Sub-Processors
| Sub-Processor | Service / Role | Region(s) of Processing | Notes |
|---|---|---|---|
| Google Cloud | Hosting, infrastructure | United States | Primary infrastructure provider |
| Google Workspace | Email, productivity suite | United States | Client and team communication |
| Slack | Collaboration & messaging | United States | Internal & client communications |
| Asana | Project management | United States | Task and project tracking |
| FireFlies | Meeting-intelligence / transcription | United States | Data enrichment & meeting analytics |
| OpenAI | AI processing services | United States | AI-powered features — no training of general models with Client data |
| Anthropic | AI/ML processing services | United States | Same restrictions as above |
| Clay | Data enrichment & onboarding | United States | Enrichment of business data |
Note: This table reflects the state of our Sub-Processor list as of the "Last updated" date above.
Your rights & our obligations
We remain fully responsible for the Sub-Processors' activities just as we are for our own.
We ensure each Sub-Processor enters into a binding agreement requiring them to meet the same data protection and security standards as we do.
If a Sub-Processor processes data outside of the EEA/UK or in a jurisdiction lacking an adequacy decision, we ensure appropriate safeguards (such as the Standard Contractual Clauses) are in place.
Questions or concerns?
If you have questions about this list, would like more detail about a specific Sub-Processor, or wish to raise an objection under our Data Processing Agreement, please contact us at:
legal@gorevpal.com