PartyEntry uses carefully selected service providers to deliver our platform. These providers process Personal Data only as necessary to provide their specific services, as defined in our Privacy Policy.
Below are the categories of service providers we work with, in accordance with GDPR Article 13 transparency requirements.
Service Providers (Categories of Recipients)
PartyEntry works with carefully selected service providers who process personal data only as necessary to deliver our platform services. Below are the categories of service providers we use:
Payment Processing Services
Provider: Stripe, Inc.
Purpose: Secure payment processing, fraud detection, and payout management
Location: Ireland (EU) and United States
GDPR: Compliant with Standard Contractual Clauses for US processing
Database and Hosting Services
Purpose: Data storage, authentication, and application hosting
Location: European Union
GDPR: All core data processed within EU data centers
Email Delivery Services
Purpose: Transactional email delivery (order confirmations, tickets, receipts)
Location: European Union
GDPR: EU-based operations with GDPR compliance
Analytics and Maps Services
Provider: Google LLC
Purpose: Website analytics (with your consent) and venue location display
Location: United States and Global
GDPR: Standard Contractual Clauses, IP anonymization, consent required for analytics
Data Protection: Core user data (accounts, orders, events) is processed entirely within the European Union. Services operating outside the EU use Standard Contractual Clauses and other GDPR-compliant safeguards.
Data Transfer Mechanisms
For sub-processors located outside the EU/EEA, PartyEntry relies on Standard Contractual Clauses (SCCs) and other GDPR-compliant transfer mechanisms to ensure your data is protected.
Data Protection: Core data is primarily processed within the EU. For services operating in the US (such as Google Maps and Analytics), proper GDPR safeguards including Standard Contractual Clauses are in place.
Update Process
Changes to Service Providers
PartyEntry may add or change service providers from time to time. When material changes occur that affect personal data processing, we will:
- Evaluate necessity and GDPR compliance
- Obtain appropriate Data Processing Agreements
- Update this page with new categories if needed
- Notify event organisers (30 days advance notice per their DPA)
- Update Privacy Policy
Event organisers have specific rights regarding sub-processors as outlined in their Data Processing Agreement signed during onboarding.
GDPR Article 28 Compliance
When acting as Data Processor for Organisers, we must:
- ✓ Only use sub-processors with adequate safeguards
- ✓ Have written contracts (DPAs) with all sub-processors
- ✓ Inform organisers of sub-processor list (this document)
- ✓ Allow organisers to object to new sub-processors
- ✓ Remain fully liable for sub-processor actions
Current Compliance Status: All vendors confirmed EU or have proper GDPR safeguards in place. DPAs obtained.
Contact Information
For Sub-Processor Questions:
Email: privacy@partyentry.com
Update Notifications:
When we add or change sub-processors, you will be notified via email (if you're an Organiser) and this list will be updated. You have 30 days to object to new processors.