Privacy facts at a glance
- Jurisdictions
- US · EU · UK · Switzerland · Finland · France · Latvia · Ireland · Australia · Denmark · Estonia
- Subprocessors
- 16
- Retention
- Data retention is addressed in Section 9 of the Privacy Notice under 'Data Accuracy and Retention' but specific retention periods are not stated in the provided excerpts.
- Breach notification
- Breach notification is listed as a topic in the Trust Center under 'Data Breach Notifications' but no specific notification timeframe is stated in the provided excerpts.
- Transfer mechanism
- Standard Contractual Clauses (SCCs Module 3), UK International Data Transfer Addendum, Brazil Standard Contractual Clauses, and IGDTA for affiliate transfers
- SCC modules
- Module 3
- DPA available
- Yes
- Certifications
- ISO/IEC 27001:2022 · ISO/IEC 27701 · SOC 2 Type 2 · SOC 3 · EU-US DPF · UK Extension to EU-US DPF
- GDPR addressed
- Yes
- CCPA addressed
- Yes
Named subprocessors
Amazon Web Services, Inc.
Cloudflare, Inc.
Rackspace GmbH
Dealfront Finland Oy
Growster SAS (Surfe)
Messagebird UK Ltd. (Bird)
OpenAI Ireland Limited
Forge Technology, Inc. (Paragon)
Tet SIA
Twilio SendGrid, Inc.
Amplify5 ltd
Atlassian PTY Ltd. (LOOM)
Fullview ApS
Intercom R&D Unlimited Company
Pipedrive Inc.
Pipedrive OÜ
Tracked documents
Recent changes
Public summary; per-account review history visible to subscribers tracking this vendor.
Track Pipedrive in your workspace.
Get notified when Pipedrive adds a subprocessor, changes retention, updates their DPA, or quietly amends their privacy posture.
Start tracking — 14-day trialNo card required.