GDPR at Spike
Spike is operated by FatSync Software Private Limited and hereby referred to as Spike and provides an incident management and alerting platform used by organizations globally.
This page outlines our data processing practices, subprocessors, and transfer safeguards in accordance with the General Data Protection Regulation (GDPR).
Data Hosting & International Transfers#
Spike is incorporated in India.
Our production infrastructure and databases are hosted in the United States.
Personal data may be transferred outside the European Economic Area (EEA) or United Kingdom. Where such transfers occur, they are governed by appropriate safeguards, including the European Commission’s Standard Contractual Clauses (2021).
You can review our Data Processing Addendum (DPA) here:
→ View Data Processing Addendum
The full EU Standard Contractual Clauses (2021) are incorporated by reference within our DPA.
Subprocessors#
Spike engages trusted third-party service providers to operate and deliver the platform. These subprocessors process personal data only as necessary to provide infrastructure and communication services.
| Subprocessor | Purpose | Location |
|---|---|---|
| Amazon Web Services (AWS) | Cloud infrastructure hosting | United States |
| MongoDB Atlas | Database hosting | United States |
| Twilio | SMS notification delivery | United States |
| Plivo | SMS notification delivery | United States |
| SendGrid (Twilio) | Transactional email delivery | United States |
| Loops.so | Marketing and engagement email delivery | United States |
We may update this list from time to time. Customers may contact [email protected] with any questions regarding subprocessors.
Data Subject Requests#
If you are located in the EEA or UK and wish to exercise your rights under GDPR (access, correction, deletion, restriction, objection, or data portability), please contact:
We respond to valid requests within 30 days.