Subcontractors Document (Subprocessors) – I.Z.I.
1. Purpose
This document identifies the external providers (subprocessors) that collaborate with I.Z.I. in personal data processing, in accordance with GDPR (art. 28), LGPD, CCPA and other international regulations. All subprocessors are subject to data processing agreements (DPAs) or Standard Contractual Clauses (SCCs) and comply with equivalent security and privacy standards.
2. List of Subprocessors
| Provider | Service provided | Data processed | Location / Region | Privacy guarantees |
|---|---|---|---|---|
| Google LLC (Firebase) | Authentication, database, encrypted storage, notifications | Identifying data, diaries, interactions, technical logs | EU/USA | SCCs + ISO 27001 + end-to-end encryption |
| Stripe, Inc. | Web payment processing | Billing and transaction data | EU/USA | PCI DSS, SCCs, financial encryption |
| Apple Inc. (App Store) | In-app payment processing | Purchase data (no cards) | Global | Apple Privacy Policy, PCI DSS |
| Google Play (Google LLC) | In-app payment processing | Purchase data (no cards) | Global | Google Privacy Policy, PCI DSS |
| Google Cloud Vision API (Google LLC) | Image analysis and moderation | Images shared in chat/diary | EU/USA | SCCs, ISO 27001, encryption in transit and at rest |
| Perspective API (Google Jigsaw) | Text moderation (toxicity, harassment) | Message fragments | USA | Encrypted API, retention limits |
3. Document updates
The list is updated with each addition or removal of subprocessors.
Users will be notified in case of incorporation of providers that involve additional or sensitive processing.
Current version: 15/10/2025
4. Contact
For inquiries about subprocessors:
Contact: privacy@iziworld.app
DPO: dpo@iziworld.app
Address: Camí Terminal 6A, 07009, Palma de Mallorca