Subprocessors
NivaDesk is operated by EGGCRAFT LIMITED.
This Subprocessors page explains the third-party service providers that NivaDesk may use to host, operate, secure, support, and improve the NivaDesk service.
This document supports our Privacy Policy, Terms of Service, Security Overview, and Data Processing Agreement. It lists the core providers we use or may use to operate NivaDesk, depending on the features enabled for a customer.
1. Who we are
NivaDesk is operated by EGGCRAFT LIMITED, 141 Randolph Avenue, London, W9 1DN, United Kingdom.
For privacy, data protection, or subprocessors questions, contact us at: contact@nivadesk.co.uk.
2. What is a subprocessor?
A subprocessor is a third-party service provider that may process personal data on behalf of NivaDesk in order to help us provide our service to customers.
For example, NivaDesk may use cloud infrastructure to store workspace data, authentication providers to manage login, payment providers to process subscriptions, or email providers to send account and service emails.
3. Our approach
We aim to use trusted providers that support reasonable security, reliability, and privacy standards.
We only allow subprocessors to process personal data for the purposes needed to provide their services to us. We do not sell personal data. We do not use workspace content, client files, order records, or private business data for advertising to customers.
Where required, we enter into appropriate contracts with subprocessors, including data processing terms and confidentiality obligations.
4. Data that subprocessors may process
Depending on the service and feature used, subprocessors may process limited categories of data such as:
- account data, such as name, email address, user ID, login method, and workspace role;
- workspace data, such as order records, customer details, tasks, notes, timelines, and activity logs;
- uploaded files and related metadata, such as file name, size, type, storage path, upload date, and uploader;
- payment and subscription information, such as plan, invoice status, subscription ID, and billing contact details;
- technical data, such as IP address, device type, app version, logs, diagnostics, crash reports, and security events;
- communication data, such as support requests, transactional emails, and service notifications.
5. Current and expected subprocessors
The providers below may be used to operate NivaDesk, depending on the platform, plan, and features a customer uses.
Firebase / Google Cloud
Purpose: authentication, database, cloud storage, hosting, functions, security rules, app infrastructure, and sync.
Data categories: account data, workspace data, uploaded files, metadata, and technical logs.
Location / notes: used for core NivaDesk infrastructure such as authentication, database, storage, hosting, functions, and sync.
Apple
Purpose: Apple sign-in, App Store distribution, in-app purchases, subscriptions, and app platform services.
Data categories: Apple account identifier, email where shared, subscription status, and app transaction data.
Location / notes: applies where users download, sign in, or subscribe through Apple services.
Google / Google Play
Purpose: Google sign-in, Google Play distribution, subscriptions, app services, and Android platform support.
Data categories: Google account identifier, email/profile information where shared, subscription status, and app transaction data.
Location / notes: applies where users download, sign in, or subscribe through Google services.
Stripe
Purpose: web payments, billing portal, subscriptions, invoices, receipts, taxes, and payment status.
Data categories: billing contact data, payment method token/reference, invoices, subscription data, and transaction data.
Location / notes: needed if NivaDesk offers direct web billing. Full card numbers are not stored by NivaDesk.
Email delivery provider
Purpose: transactional emails such as login, account, billing, security, support, and service notifications.
Data categories: name, email address, message metadata, and email content needed for delivery.
Location / notes: used only if this service is configured for NivaDesk.
Analytics provider
Purpose: website and product analytics, usage measurement, feature improvement, and performance insights.
Data categories: usage data, device/browser data, approximate location, event data, and cookie or device identifiers where enabled.
Location / notes: use only where configured and with consent where required.
Crash/error monitoring provider
Purpose: crash reports, diagnostics, reliability monitoring, and bug fixing.
Data categories: technical logs, device/app data, error traces, and user/session identifiers where necessary.
Location / notes: used only if this service is configured for NivaDesk.
Customer support provider
Purpose: support tickets, help desk, user messages, screenshots, and support history.
Data categories: contact details, support messages, and screenshots or attachments sent by the user.
Location / notes: used only if a dedicated support tool is configured for NivaDesk.
6. Core infrastructure providers
Core infrastructure providers are necessary to operate NivaDesk. They may support account authentication, database storage, file storage, serverless functions, hosting, app sync, backup, and security controls.
Because these providers are needed for the service to work, users cannot usually opt out of core infrastructure processing while continuing to use NivaDesk.
7. Payment providers
Payment providers process subscriptions, renewals, invoices, receipts, refunds, tax information, fraud checks, and payment status.
If you subscribe through Apple App Store or Google Play, your payment relationship may be with Apple or Google. If you subscribe through our website, payment may be processed through Stripe or another payment provider.
NivaDesk does not store full card numbers on its own systems.
8. Analytics and diagnostics providers
We may use analytics and diagnostics providers to understand how the website and product are used, measure performance, fix bugs, and improve reliability.
Where required by law, non-essential analytics or marketing cookies will only be used after consent. Analytics should not be used to inspect private workspace content, uploaded files, or customer records for advertising purposes.
9. Support and communication providers
We may use email, help desk, or customer support providers to respond to support requests, send account messages, deliver billing notices, and provide service-related updates.
Please avoid sending unnecessary sensitive information in support messages unless it is needed to resolve your request.
10. International transfers
Some subprocessors may process data outside the United Kingdom or European Economic Area.
Where required, we use appropriate safeguards for international transfers, such as adequacy decisions, standard contractual clauses, the UK International Data Transfer Agreement, or other lawful transfer mechanisms.
11. Changes to subprocessors
NivaDesk may add, replace, or remove subprocessors as our service develops.
We will update this page when material subprocessors change. Business customers that have a Data Processing Agreement with us may have additional notification rights as described in that agreement.
If you have concerns about a new subprocessor, contact us at contact@nivadesk.co.uk.
12. Customer responsibilities
Customers are responsible for deciding what personal data they add to NivaDesk and ensuring they have the right to process that data.
If you use NivaDesk to manage your own clients, customers, suppliers, contractors, employees, or other third parties, you are responsible for providing any privacy notices or consent required by law.
You should only upload files and data that are necessary for your business use and should avoid storing unnecessary sensitive information.
13. Contact
If you have questions about this Subprocessors page, our providers, or how NivaDesk processes data, please contact:
EGGCRAFT LIMITED
141 Randolph Avenue
London
W9 1DN
United Kingdom
Email: contact@nivadesk.co.uk