Subprocessors
1. About This Page
This page lists third-party subprocessors that ServQore LLC ("we," "us," "our") engages to help deliver the Service to paying customers. A "subprocessor" is a vendor that processes Customer Data or account data on our behalf when we host, operate, bill, or support a customer's website and add-ons.
This list does not include vendors used only for ServQore's internal sales and prospecting (for example, tools that enrich public business listings before a business becomes a customer). Those vendors are covered in our Privacy Policy as part of ServQore's own data practices.
We notify customers of material additions to this list by updating this page and, where reasonable, emailing the primary contact on the account. To request email notification of subprocessor changes, contact privacy@servqore.com.
2. Core Subprocessors
These vendors process Customer Data or account data for all (or nearly all) paying customers as part of hosting, billing, and operating the Service.
Supabase
Purpose: Postgres database, authentication, storage, edge functions
Data: Customer Data (leads, form submissions, chat transcripts), subscription and account records, site configuration, operational logs
Location: United States (AWS us-east-1)
Cloudflare
Purpose: Workers, Pages hosting, CDN, DNS, edge middleware for customer websites
Data: IP addresses, request logs, hosted site files, edge routing metadata
Location: Global edge network
Stripe
Purpose: Subscription billing, checkout, customer billing portal
Data: Card details, billing addresses, transaction history (ServQore never stores full PAN/CVV)
Location: United States; EU and US processing
Resend
Purpose: Transactional and service email (order confirmations, lead alerts to the customer, portal and account messages)
Data: Recipient email addresses, message bodies, delivery metadata
Location: United States
Twilio
Purpose: Transactional SMS and Twilio Verify OTP (customer portal and account verification)
Data: Phone numbers, OTP and transactional message content, delivery metadata
Location: United States; global PoP routing
Google (Gemini)
Purpose: AI chat responses on customer websites (QoreAI chatbot)
Data: Prompts, conversation content, API request metadata
Location: United States; global
GitHub
Purpose: Site provisioning and deployment via Git Data API
Data: Customer site files, schema configuration, deployment metadata
Location: United States
3. Conditional Subprocessors
These vendors process Customer Data only when the customer has the corresponding add-on or feature enabled.
Vapi — QoreVoice add-on
Purpose: AI voice agent orchestration
Data: Call audio (transient), transcripts, telephony metadata
Location: United States
ElevenLabs — QoreVoice add-on
Purpose: Voice synthesis for AI voice agents
Data: Text prompts and generated audio (transient during call)
Location: United States
Twilio (voice) — QoreVoice add-on
Purpose: Inbound/outbound telephony for AI voice receptionist
Data: Phone numbers, call audio (transient), call metadata
Location: United States; global PoP routing
Google (Search Console / Business Profile) — GBP Management add-on
Purpose: Managed Google Business Profile and search presence
Data: Business profile content, listing metrics, API request metadata
Location: United States; global
4. ServQore-Only Vendors (Not Customer Subprocessors)
The following are not listed as Customer Data subprocessors because they support ServQore's own operations, sales, or marketing — not delivery of the Service to paying customers. They are described in our Privacy Policy where ServQore is the data controller.
- Lead discovery and enrichment (e.g., Google Places, Serper, Hunter.io, Firecrawl, Apify)
- Cold outreach to prospects before they become customers (email/SMS sent from ServQore's sales pipeline)
- Marketing analytics on servqore.com only (PostHog, Google Analytics / Ads, Meta Pixel — generally after cookie consent)
- Internal operator tools (admin dashboards, Slack notifications, maintenance scripts)
5. International Data Transfers
ServQore is established in the United States and processes data primarily in the United States. Where customer data is transferred from the European Economic Area, the United Kingdom, or Switzerland, we rely on contractual protections and other legally recognized transfer mechanisms where required. Customers requiring signed transfer annexes should contact legal@servqore.com.
6. Data Processing Agreement
If you require a signed Data Processing Agreement, review our Data Processing Addendum. To request a countersigned DPA, email legal@servqore.com with your organization name, signatory details, and applicable law (GDPR, UK GDPR, CCPA, etc.).
7. Data Subject Requests
If you are an end user of a business that uses ServQore (for example, a visitor who submitted a form on a customer website), contact that business directly to exercise your rights. That business is the controller of your data. For data ServQore controls directly (account holders, prospects, marketing site visitors), email privacy@servqore.com.
8. Contact
- Privacy and DPA: legal@servqore.com
- General support: support@servqore.com
- Mail: ServQore LLC, Atlanta, GA, USA
See also: Legal Center