CyberHoot Subprocessors
Last Updated: February 28, 2026
To support the delivery of our Services, CyberHoot, LLC engages select third-party service providers (“Subprocessors”) that may process Customer Data on our behalf.
CyberHoot does not sell personal data. Subprocessors are used solely to support service delivery, platform functionality, billing, communications, infrastructure, and related business operations, as described in our Privacy Policy.
Before engaging a Subprocessor, CyberHoot evaluates the vendor in alignment with our Written Information Security Plan (WISP) and cybersecurity governance framework.
CyberHoot maintains oversight of its Subprocessors through internal governance processes and periodic review as part of its broader risk management and policy review program.
| Vendor | Service Provided | Data Categories Processed | Primary Processing Location | Public Subprocessor / Legal Link |
| Amazon Web Services (AWS) | Cloud hosting & infrastructure | Application data, training records, system logs | United States | https://aws.amazon.com/compliance/sub-processors/ |
| Stripe | Payment processing | Billing contact info, payment metadata | United States | https://stripe.com/legal/service-providers |
| Zoho (Zoho Desk) | Customer support ticketing | Support communications, contact info | United States / Global | https://www.zoho.com/privacy/sub-processors.html |
| Brevo | Transactional & marketing email delivery | Email addresses, campaign metadata | United States | https://www.brevo.com/legal/termsofuse/ |
| Zoom | Video conferencing & webinars | Meeting metadata, recordings if enabled | United States | https://www.zoom.com/en/trust/subprocessors/ |
| Atlassian (Trello) | Internal collaboration & project tracking | Limited operational metadata | United States | https://www.atlassian.com/legal/sub-processors |
| Botpress | Chatbot & conversational automation | Chat interactions, support metadata | United States | https://botpress.com/legal |
| Loom | Video messaging & support recordings | Video recordings, support context | United States | https://www.atlassian.com/legal/security-measures – acesss-control |
| Have I Been Pwned | Breach lookup & exposure monitoring | Email addresses for exposure checks | United States | https://haveibeenpwned.com/Privacy |
| DeHashed | Dark web exposure lookup | Email addresses, identifiers for exposure checks | United States | https://www.dehashed.com/legal |
| Twilio | Two-factor authentication (2FA) SMS & alert text messages | Phone numbers, message metadata | United States | https://www.twilio.com/en-us/legal/sub-processors |
| Google (Google Workspace & Identity) | Google Sync integration (user-authorized) & Sign-in with Google | Account profile data, calendar & directory sync data (when authorized by user) | United States | https://workspace.google.com/terms/subprocessors/ |
| Microsoft (Graph API) | Microsoft 365 Sync integration (user-authorized) & Sign-in with Microsoft | Account profile data, directory & calendar sync data (when authorized by user) | United States | https://www.microsoft.com/en-us/trust-center/privacy/data-access |
| DeepL | Language translation | Text content submitted for translation | European Union (Germany) | https://www.deepl.com/en/privacy |
| Google Cloud Translate | Language translation | Text content submitted for translation | United States | https://cloud.google.com/terms/subprocessors |
| Plaid | ACH bank account verification & linking (via Stripe) | Financial account identifiers, bank routing metadata | United States | https://plaid.com/legal/ |
| MillionVerifier | Email address verification & validation | Email addresses | European Union (Hungary / Sweden) | https://policies.millionverifier.com/privacy-policy |
| Detect Language (detectlanguage.com) | Language detection for translated text | Text content submitted for language identification | European Union (Lithuania) | https://detectlanguage.com/privacy_policy |