Sub-processors
Last updated: 2026-06-13
To provide the Services, Aphrodite engages the third-party sub-processors below. Each is bound by a data processing agreement (or equivalent terms) under Article 28 of the GDPR, and international transfers are covered by appropriate safeguards as described in our Privacy Policy.
[TO BE COMPLETED BY LEGAL] Confirm that signed DPAs are on file for each provider below, and assess whether a customer-facing DPA is required for club/venue partners (Stripe Connect) where Aphrodite may act as processor or joint controller.
| Sub-processor | Purpose | Data processed | Location |
|---|---|---|---|
| Google (Firebase / Google Cloud Platform) | Hosting, database (Firestore), file storage, authentication, and push messaging (FCM). | Account, profile, content, technical and usage data, push tokens. | EU (primary region europe-west4); Google global infrastructure. |
| Google Maps Platform | Geocoding of addresses and map display for location-based discovery. | Address and approximate coordinates submitted for geocoding/maps. | United States / global. |
| Google reCAPTCHA Enterprise | Bot, fraud, and abuse prevention (security). | Device, network (including IP address), and interaction signals. | United States / global. |
| Stripe | Payment processing, subscription billing, and partner payouts (Stripe Connect). | Billing/subscription status, transaction records; payment details handled by Stripe. | United States / EU. |
| Resend | Delivery of transactional account and notification emails. | Email address and message content for delivery. | United States. |
Changes
We may update this list as our providers change. Material changes will be reflected here, and the “Last updated” date revised. To ask about sub-processors, contact aphrodite@aphrodite.is.