Sub-processors
Last updated: 6 May 2026
This page lists the third-party service providers ("sub-processors") that Pacific Board S.L., trading as Pulso (CIF B16674541, Carrer del Doctor Fleming 55, 2-2, 08860 Castelldefels, Barcelona, Spain), engages to help deliver the Pulso equipment-rental management platform and that may, in that capacity, Process personal data that our Customers (rental businesses) record in the Platform about their own end clients ("End-User Booking Data").
It is maintained in accordance with Article 28(2) of Regulation (EU) 2016/679 (the "GDPR") and forms part of Pulso's Data Processing Agreement by reference.
Scope of this page
This page covers only the sub-processors that act on Pulso's behalf as a processor, under the instructions of our Customers — that is, providers that touch End-User Booking Data as defined in the DPA.
It does not cover the providers Pulso uses for its own purposes as a data controller — such as website analytics, CRM, marketing, demo scheduling, contact forms, billing and Customer-facing support. Those providers are listed in our Privacy Policy.
Current sub-processors
| Sub-processor | What they do for Pulso | Country / region | Transfer mechanism |
|---|---|---|---|
| DigitalOcean, LLC | Cloud hosting of the Platform database and application | Frankfurt, Germany (EU data centre) | EEA hosting; SCCs with the US parent entity for any support access originating outside the EEA |
| BetterStack (Better Stack sp. z o.o.) | Application log management and error tracking | European Union | Within the EEA — no transfer |
| Twilio Inc. (SendGrid) | Transactional email delivery to end clients (booking confirmations, notifications, reminders) | United States | SCCs / EU–US Data Privacy Framework |
| Stripe, Inc. | Card-payment processing for end-client bookings | United States | SCCs / EU–US Data Privacy Framework |
| Redsys Servicios de Procesamiento, S.L. | Card-payment processing for end-client bookings (Spanish acquiring) | Madrid, Spain | Within the EEA — no transfer |
Each sub-processor is bound by a written contract imposing data-protection obligations no less protective than those set out in our DPA, including obligations regarding confidentiality, security, assistance, international transfers, and audit. Pulso remains fully liable to its Customers for any failure by a sub-processor to comply with those obligations.
Changes to this list
We will give Customers at least thirty (30) days' prior notice before a new sub-processor begins Processing End-User Booking Data, or before an existing one is replaced. Notice is given by:
- an in-Platform notice to the Customer's administrative users; and
- a dated entry on this page, with a changelog.
During the 30-day notice period, a Customer may object on reasonable grounds relating to data-protection compliance by writing to [email protected]. The objection handling, including the Customer's right to terminate the affected Services and receive a pro-rata refund of prepaid fees where no solution is agreed, is set out in Article 6 of the DPA.
Changelog
| Date | Change |
|---|---|
| 6 May 2026 | Initial publication of the sub-processor list. |
Contact
For questions about this page, about a specific sub-processor, or to request a copy of the transfer mechanisms we rely on (for example, Standard Contractual Clauses signed with a given sub-processor), write to:
Pacific Board S.L. (Pulso) Carrer del Doctor Fleming 55, 2-2 08860 Castelldefels, Barcelona, Spain