NewPhone2 is now on Zapier

Phone2, Inc. Legal Sub-Processors and Data Protection

Last updated: January 17, 2026

Phone2, Inc. Sub-processor List and Data Protection Practices

1. Introduction

Phone2, Inc. ("Phone2," "we," "our," or "us") engages carefully selected third-party service providers ("Sub-Processors") to support the delivery of our services, including our Slack integration and core communications infrastructure. This document discloses those Sub-Processors and explains how we protect customer data when it is processed by these providers.

All Sub-Processors are contractually required to process data solely on our behalf and in accordance with applicable data protection regulations, including GDPR, CCPA, and industry security standards.

2. Definition of Sub-Processors

A "Sub-Processor" is any third-party service provider that Phone2 authorizes to process personal data, infrastructure metadata, or communications-related information on our behalf as part of delivering our services.

3. Current Authorized Sub-Processors

The following entities may process limited customer or usage-related data for the purposes outlined below:

Sub-ProcessorPurposeData ProcessedLocation
Microsoft AzureCloud hosting and core infrastructureEncrypted account and authentication dataUnited States
Amazon Web Services (AWS)Backup and redundancy infrastructureEncrypted call and messaging metadata (for redundancy)United States
StripePayment processing and subscription billingCustomer identifiers and billing detailsUnited States / EU
Slack TechnologiesMessaging and internal notification deliveryWorkspace identifiers, channel metadata, alert textUnited States
Google (Firebase / Workspace / Analytics)Internal tools, analytics, and loggingCrash logs, usage behavior, support-related dataUnited States
Public Switched Telephone Network (PSTN) ProvidersGlobal call and SMS deliveryPhone numbers and routing metadata strictly for transmissionWorldwide (determined by destination)

4. Data Transfer and Protection Measures

All Sub-Processors are required to implement industry-standard security measures, including:

  • Encryption in transit (TLS 1.2 or higher) and encryption at rest.
  • Access controls with strict authentication requirements.
  • Processing data solely under Phone2's documented instructions.

Where data may be transferred internationally, such transfers are performed in compliance with applicable regulations, including GDPR-approved mechanisms such as Standard Contractual Clauses (SCCs).

5. Updates to This List

We may update this Sub-Processor list from time to time as our infrastructure evolves. When material changes occur, we will post an updated revision date at the top of this page.

6. Contact Information

If you have any questions regarding this Sub-Processor list or our data protection practices, please contact us at:

Phone2, Inc.
8 The Green
Dover, DE 19901 USA
Email: hello@phone2.io