Data Sub-processors
Last Updated, July 23rd 2025
📘 Legal & Compliance: Data Sub-processors
At VoiceB.ai, we are committed to ensuring transparency, security, and full compliance with data protection regulations, including the General Data Protection Regulation (GDPR) and other applicable privacy laws.
To support the delivery of our services, we engage certain reputable third-party service providers (sub-processors) who process customer personal data on our behalf and under our instructions. We carefully assess each provider to ensure they meet high standards of privacy, security, and legal compliance.
Below is a comprehensive overview of our current data processors.
✅ What Is a Sub-processor?
A sub-processor is a third party engaged by VoiceB to process personal data on behalf of our customers (the data controllers), while VoiceB acts as a data processor. These providers assist us in delivering functionality such as hosting, AI processing, authentication, and payment services.
Each sub-processor is bound by a Data Processing Agreement (DPA) that includes obligations regarding confidentiality, data protection, security measures, and breach notification.
🔐 List of Authorized Sub-processors
Vercel
Hosting platform for the VoiceB website and dashboard
United States
EU (configurable), US
Hosting, Static content & app delivery
Clerk.dev
Authentication & user management
United States
US (default), EU optional
Login & account handling
DPF . DPA + SCCs · Security Overview · Certifications: SOC 2 Type II (in progress)
ElevenLabs
Voice synthesis
Poland
EU (configurable), US
AI voice generation for agent calls
OpenAI
LLM provider (optional, depending on integration)
United States
US
Language processing for AI agent behavior
HubSpot
CRM & Marketing Automation
United States
US & EU
Sales, support, marketing workflows
Stripe
Payment processing infrastructure
United States
EU (configurable), US
Subscription billing & invoicing
Twilio
Telephony infrastructure & DDI routing
United States
EU (configurable), US
Voice call handling and phone number provisioning
Bland AI
Voice call infrastructure provider
United States
US
VoIP infrastructure, call routing
Nango
Unified API integrations platform
United States
EU (configurable), US
Connecting VoiceB to third-party CRMs via OAuth/API
📄 Data Processing Agreements
VoiceB.ai has a Data Processing Agreement (DPA) in place with each of its sub-processors. These agreements ensure that any processing of customer personal data is conducted in accordance with the GDPR and other applicable data protection laws.
All of our sub-processors:
Are subject to a GDPR-compliant DPA with VoiceB.ai
Are contractually obligated to implement appropriate technical and organizational security measures
May only process data based on our documented instructions
Must promptly notify VoiceB.ai in the event of a personal data breach or security incident
Are required to support data subjects’ rights to access, rectify, erase, or restrict their personal data
🌍 International Data Transfers
Some sub-processors are located outside the European Economic Area (EEA). When customer personal data is transferred internationally, we ensure that such transfers are conducted in full compliance with the GDPR, using one or more of the following legal mechanisms:
Standard Contractual Clauses (SCCs) approved by the European Commission
Adequacy decisions, including participation in the EU-U.S. Data Privacy Framework, where applicable
Binding Corporate Rules (BCRs), where adopted by the provider
Other lawful mechanisms permitted under Chapter V of the GDPR
We thoroughly assess the legal and privacy posture of all sub-processors prior to engagement, and require appropriate safeguards for any international transfer.
📥 Contact
For any questions or to request a signed copy of our Data Processing Agreement, please reach out to:
Last updated
Was this helpful?