virvell
Get Started
AI-Powered Conversational Intelligence

Sub-Processors

Last updated: November 2025

🔔 Subscribe to Updates

Receive notifications when we add or change sub-processors. Email privacy@virvell.ai with subject "Sub-processor Updates Subscription"

What are Sub-Processors?

Sub-processors are third-party service providers that Virvell engages to process customer data on our behalf. Under our Data Processing Agreement (DPA), we maintain full transparency about all sub-processors who may have access to your data.

We ensure that all sub-processors:

Current Sub-Processors

AI Language Services Provider

Core Service

Service Provided: Natural language processing and conversation analysis

Data Processed: Voice transcripts, conversation content, behavioral insights

Location: United States

Purpose: Powering AI-driven conversation analysis and report generation

Security: SOC 2 Type II certified, enterprise-grade encryption

Voice Processing Provider

Core Service

Service Provided: Voice call infrastructure, transcription, and processing

Data Processed: Voice recordings, phone numbers, call metadata

Location: United States

Purpose: Orchestrating voice calls and converting speech to text

Security: SOC 2 Type II certified, encrypted call handling

Stripe, Inc.

Payment

Service Provided: Payment processing and subscription management

Data Processed: Payment information, billing addresses, subscription details

Location: United States

Purpose: Processing customer payments and managing subscriptions

Security: PCI DSS Level 1 certified

Privacy Policy: stripe.com/privacy

Salesforce (Heroku)

Infrastructure

Service Provided: Cloud hosting infrastructure and database management

Data Processed: All customer data stored in the Virvell platform

Location: United States (US region)

Purpose: Hosting the Virvell application and securely storing data

Security: SOC 2 Type II, ISO 27001, GDPR compliant

Privacy Policy: salesforce.com/privacy

Twilio Inc. (SendGrid)

Communication

Service Provided: Transactional email delivery

Data Processed: Email addresses, notification content, delivery metadata

Location: United States

Purpose: Sending automated emails (reports, notifications, alerts)

Security: SOC 2 Type II, ISO 27001 certified

Privacy Policy: twilio.com/privacy

Adding New Sub-Processors

When we engage a new sub-processor, we:

  1. Notify customers via email at least 30 days before authorization
  2. Update this page with full details about the new sub-processor
  3. Provide objection period of 5 business days as outlined in our DPA
  4. Ensure compliance with the same data protection standards as existing sub-processors

✉️ How to Object to a New Sub-Processor

Enterprise customers have the right to object to new sub-processors for reasonable and explained grounds. To exercise this right:

  1. Send written objection to privacy@virvell.ai
  2. Include your reasons for objection
  3. Submit within 5 business days of receiving notification

We will work in good faith to resolve your concerns or provide alternative service delivery methods.

Data Protection Safeguards

All sub-processors are contractually required to:

International Data Transfers

Some sub-processors are located outside your jurisdiction. For transfers from the EU/EEA, UK, or Switzerland, we rely on:

See our Data Processing Agreement for full details on cross-border transfer mechanisms.

Questions About Sub-Processors?

Contact our privacy team:

Related Documents:
Data Processing Agreement | Privacy Policy | Security & Compliance