eSquirrel sub-processors
eSquirrel Sub-Processors
Last updated April, 19 2026
## (DE) Informationen zu eingesetzten Subdienstleistern
eSquirrel setzt zur Bereitstellung, Wartung, Absicherung und Weiterentwicklung seiner Services sorgfältig ausgewählte externe Dienstleister (Subdienstleister / Sub-Processor) ein. Diese Unternehmen verarbeiten personenbezogene Daten ausschließlich im Auftrag und nach dokumentierten Weisungen von eSquirrel, soweit dies zur Erbringung der jeweiligen Leistungen erforderlich ist.
Die Beauftragung erfolgt ausschließlich auf Grundlage schriftlicher vertraglicher Vereinbarungen gemäß den anwendbaren datenschutzrechtlichen Vorgaben. Diese Vereinbarungen enthalten insbesondere Regelungen zu Vertraulichkeit, technischen und organisatorischen Maßnahmen, Datensicherheit sowie – soweit erforderlich – geeignete Garantien für internationale Datenübermittlungen, insbesondere die von der Europäischen Kommission verabschiedeten Standardvertragsklauseln.
eSquirrel prüft eingesetzte Subdienstleister sorgfältig im Hinblick auf Zuverlässigkeit, Datenschutz und Informationssicherheit und aktualisiert diese Übersicht laufend.
Nachstehend findet sich eine aktuelle Übersicht der eingesetzten Subdienstleister einschließlich ihres Standorts und des jeweiligen Verarbeitungszwecks.
—
## (EN) Information on Engaged Subprocessors
eSquirrel engages carefully selected external service providers (subprocessors) for the provision, maintenance, security and further development of its services. These companies process personal data solely on behalf of eSquirrel and in accordance with documented instructions, to the extent necessary for the performance of the respective services.
All engagements are based on written contractual agreements in accordance with applicable data protection requirements. Such agreements include, in particular, provisions regarding confidentiality, technical and organisational measures, data security and, where required, appropriate safeguards for international data transfers, including the Standard Contractual Clauses adopted by the European Commission.
eSquirrel carefully assesses engaged subprocessors with regard to reliability, data protection and information security and keeps this overview up to date.
Below is a current overview of the engaged subprocessors, including their location and the respective purpose of processing.
| Recipient | Category | Location | Aim of the data processing |
| Amazon Web Services | Cloud Infrastructure (IaaS/PaaS) | EU | Hosting, backups, infrastructure services |
| Cloudflare | CDN / Security / Reverse Proxy / DNS | Global (incl. EU/U.S.) | Content delivery, availability, DDoS protection |
| Google (Google Workspace incl. Gmail, Drive, Docs, Meet) | Productivity / Email / Collaboration / Storage | EU (configured) | Internal communication, file storage, meetings, collaboration |
| Heroku | Cloud Platform (PaaS) | EU | Application hosting, database services, logs |
| Postmark | Transactional Email Service | U.S. | Delivery of system-generated transactional emails |
| Scalyr | Logging / Monitoring | EU | Technical logging and operational monitoring |
| Sentry | Error Tracking / Monitoring | EU | Web and backend error monitoring / crash reporting |
| Freshworks (Freshsales, Freshdesk) | CRM / Helpdesk | EU | Customer relationship management and support services |
Außerhalb schulischer Nutzung / Corporate Functions
| Recipient | Category | Location | Aim of the data processing |
| Braintree | Payment Processing | EU | Processing of card and PayPal payments |
| Google (Firebase) | Mobile Infrastructure / Notifications / Monitoring | U.S. | Android push notifications (opt-in only), crash reporting (opt-in only) |
| Freshworks (Freshteam) | Recruiting / HR Software | U.S. | Applicant tracking and recruitment management |
| Intuit Mailchimp | Email Marketing | U.S. | Marketing email delivery |
| PayPal | Payment Processing | EU | Payment handling and invoicing support |
| SevenIT | Accounting / Invoicing | EU | Accounting and invoicing |
| Slack | Internal Communication / Messaging | U.S. | Internal business communication |
| Twilio | SMS Delivery | U.S. | Delivery of verification SMS after explicit phone signup |
Locations refer to configured primary hosting regions where applicable. Certain ancillary processing (e.g. support, security operations, metadata processing) may occur in other jurisdictions depending on the provider.