Privacy facts at a glance
- Jurisdictions
- US · EU · CH · FI · FR · GB · IE · LV · DK · AU · EE
- Subprocessors
- 15
- Retention
- The documents reference a section on data accuracy and retention but do not state a specific retention period in the excerpts provided.
- Breach notification
- The DPA references Personal Data Breach obligations but no specific notification hour SLA is stated in the excerpts provided.
- Transfer mechanism
- SCCs (Module 3 Processor-to-Processor), UK IDTA, Brazil SCCs, and EU-US Data Privacy Framework
- SCC modules
- Module 3
- DPA available
- Yes
- Certifications
- ISO/IEC 27001:2022 · ISO/IEC 27701 · SOC 2 Type 2 · SOC 3 · EU-US DPF · UK Extension to EU-US DPF · DORA
- GDPR addressed
- Yes
- CCPA addressed
- Yes
Named subprocessors
Amazon Web Services, Inc.
Cloudflare, Inc.
Rackspace GmbH
Dealfront Finland Oy
Growster SAS (Surfe)
Messagebird UK Ltd. (Bird)
OpenAI Ireland Limited
Forge Technology, Inc. (Paragon)
Tet SIA
Twilio SendGrid, Inc.
Amplify5 ltd
Atlassian PTY Ltd. (LOOM)
Fullview ApS
Intercom R&D Unlimited Company
Pipedrive Inc.
Tracked documents
Recent changes
Public summary; per-account review history visible to subscribers tracking this vendor.
Track Pipedrive in your workspace.
Get notified when Pipedrive adds a subprocessor, changes retention, updates their DPA, or quietly amends their privacy posture.
Start tracking — 14-day trialNo card required.