Last updated: May 2026 — Schedaddle Limited Liability Company
These are the third-party vendors ("sub-processors") that store or process personal data on our behalf to deliver the Service. Each is bound by a data-processing agreement and may use data only to provide its service to us. We never share employee data with third parties for advertising.
| Vendor | What they do | Data they process | Location |
|---|---|---|---|
| Vercel | Web hosting, edge delivery, and scheduled jobs | All web-app request traffic; application secrets | United States |
| Supabase | Database, authentication, and file storage | All tenant data and personal data at rest; auth credentials | United States * |
| Stripe | Subscription billing | Billing contact and customer identifiers (card data handled entirely by Stripe) | United States / global |
| Resend | Transactional email | Recipient email addresses; schedule and invite content | United States |
| Optional sign-in (OAuth) and optional Calendar sync | OAuth identity (email, name); shift data if Calendar is connected | Global | |
| Expo / EAS | Mobile and kiosk app builds; push delivery | Build artifacts; push notification tokens | United States |
* Data residency: hosting reflects our current configuration. For regulated customers we confirm the exact processing region and provide each vendor's current compliance reports (e.g., SOC 2 / ISO 27001) on request — email privacy@schedaddle.co.
Customer-authorized integrations. Some features connect Schedaddle to a system you choose (for example, a point-of-sale or payroll provider such as Roller or QuickBooks). Those exchanges happen only when you enable them and are governed by your agreement with that provider; they are data flows you initiate, not sub-processors we route all data through.
Changes. We will update this page before engaging a new sub-processor that handles personal data, so you have the opportunity to object on reasonable data-protection grounds, as described in our Data Processing Addendum.