Legal

Subprocessors

The third-party service providers HeyStream currently uses to host, operate, support, secure, and deliver the platform and certain feature-specific workflows.

This page identifies the main third-party subprocessors HeyStream uses to deliver the platform and certain platform-managed features.

It is intended to supplement our Privacy Policy and customer contractual documents by giving a clearer operational view of the vendors we rely on to process personal data on our behalf.

How to use this page

This page lists the subprocessors HEY SUMMIT LTD currently uses to provide and operate HeyStream. We use the term “subprocessor” here to mean a third-party service provider that may process personal data on our behalf when we act as a processor or service provider for our customers.

This list covers HeyStream-operated subprocessors that support the platform generally. It does not attempt to list every third-party tool a customer may choose to connect to HeyStream through optional integrations, because those depend on each customer's own configuration.

Customer-controlled integrations

Customers may choose to connect third-party tools such as CRMs, email platforms, payment tools, and other services to HeyStream. Those customer-selected integrations are not universally used subprocessors of HeyStream; they are optional services chosen and controlled by the customer.

Where a customer enables an integration, data may be sent to that provider according to the customer's instructions and that provider's own terms and privacy documentation.

Current subprocessors

The table below summarizes the third-party service providers HeyStream currently uses for core platform delivery or optional platform-managed features.

Provider Purpose Personal data involved Scope
Amazon Web Services (AWS) Application hosting, compute, storage, databases, queues, CDN-backed media delivery, logging, and infrastructure operations. Account data, event data, attendee and contact data, recordings, uploaded files, usage data, and system logs. Core production infrastructure.
Neon Managed Postgres database hosting. Account data, billing metadata, workspace data, event data, contact and CRM data, and product configuration data. Primary relational data store.
Cloudflare DNS, proxying, and related edge-network services for selected domains and streaming endpoints. IP addresses, request metadata, and traffic needed to route and protect requests. Network and domain operations.
LiveKit Real-time audio/video room infrastructure and egress support for live broadcast experiences. Presenter and participant session data, live media metadata, connection identifiers, and room-level operational data. Live streaming and real-time collaboration features.
Stripe Subscription billing, payment processing, and billing portal workflows. Customer billing details, subscription records, payment method metadata, invoices, and transaction status data. Payments and subscription management.
Resend Transactional and campaign email delivery. Recipient email addresses, sender details, email content, delivery status, and related messaging metadata. Operational and outbound email sending.
Sentry Error monitoring, diagnostics, and incident investigation. Application error metadata, technical logs, request context, and limited user or account identifiers included in error events. Reliability and debugging.
CloudConvert File conversion tasks where customers use document conversion features. Files submitted for conversion and related conversion metadata. Feature-specific processing only.
OpenAI AI-assisted features such as content generation or analysis where those features are enabled and used. Prompts, instructions, and content submitted through the relevant AI-powered workflow. Feature-specific processing only.
UserJot Feedback board and authenticated feature-request workflows. User identity details needed to authenticate and display feedback-board activity. Feedback and product request workflows.

Updates to this list

We may update this list from time to time as our service providers change or as new features require additional vendors. Material updates will be reflected on this page by changing the last-updated date and updating the list below.

If you need more detail about a listed provider, or if you need a contractual subprocessor notice process as part of an enterprise agreement or DPA, please contact us.

Contact

If you have questions about this subprocessor list or need additional privacy documentation, contact us at [email protected].

See also our Privacy Policy, Data Processing Addendum, and Terms of Service.