Last updated: 2026-05-29
This page lists the processors, independent-controller recipients, and platform services that may receive or process personal data in connection with the AffirmateMe Android application and its supporting backend.
This page is referenced from Sections 10 ("Sharing and Recipients") and 11 ("International Transfers") of the AffirmateMe Privacy Policy and is the authoritative source for the current set of material service providers and recipients, their roles, and the transfer mechanism that applies to each of them. When a material provider or recipient is added, replaced, or removed, this page is updated and the "Last updated" date above is bumped.
Role abbreviations:
Transfer-mechanism abbreviations:
| # | Provider | Role | Purpose | Data categories | Location | Transfer | DPA / Terms | Accepted on |
|---|---|---|---|---|---|---|---|---|
| 1 | Google Firebase Analytics / Google Analytics for Firebase — Google Ireland Limited / Google LLC | Processor for Analytics data not shared under Google products & services data sharing; independent controller for any Analytics data shared under Measurement Controller-Controller terms if that setting is enabled | Product usage measurement, engagement analytics, performance monitoring; gated by Consent Mode for EEA / UK / CH | App installation identifier, usage and event data, device / app metadata, IP address (truncated where consent denied), and limited security-diagnostic events where Analytics is enabled | Global (Google and Google subprocessors facilities; EU / US included) | Google Data Transfer Solution, including DPF for certified US Google entities where applicable; SCCs where required | Google Ads Data Processing Terms for Google Analytics / Google Analytics for Firebase; Measurement Controller-Controller Data Protection Terms apply only to shared data if Google products & services data sharing is enabled; Firebase privacy terms also describe Firebase service handling — see https://firebase.google.com/support/privacy and https://support.google.com/analytics/answer/9024351 | Google Ads DPT: 08.05.2026; Firebase terms: 25.04.2023 |
| 2 | Google Firebase Crashlytics — Google Ireland Limited / Google LLC | Processor | Crash reporting; UMP-gated for EEA / UK / CH | App installation identifier, crash and error diagnostics, app state and device metadata, analytics breadcrumbs where Analytics is enabled, and limited security-diagnostic data | Global (Google and Google subprocessors facilities; EU / US included) | Google Data Transfer Solution, including DPF for certified US Google entities where applicable; SCCs where required | Firebase Data Processing and Security Terms (auto-incorporated via Firebase ToS) — https://firebase.google.com/terms/data-processing-terms/ | 25.04.2023 |
| 3 | Google Firebase Cloud Messaging (FCM) — Google Ireland Limited / Google LLC | Processor | Push notification and reminder delivery; server-side dispatch via Firebase Admin SDK on the backend | Push-notification registration identifier and message delivery metadata | Global (Google and Google subprocessors facilities; EU / US included) | Google Data Transfer Solution, including DPF for certified US Google entities where applicable; SCCs where required | Firebase Data Processing and Security Terms for the client-side Firebase flow; Google Cloud Data Processing Addendum (https://cloud.google.com/terms/data-processing-addendum) for the server-side Firebase Admin SDK / Google Cloud API flow | Firebase terms: 25.04.2023; Cloud DPA: 08.05.2026 |
| 4 | Google AdMob — Google Ireland Limited / Google LLC | Independent controller for AdMob advertising services under Google Ads controller-controller terms; processor only for limited Google Ads processor-service features where expressly covered by Google Ads Data Processing Terms | Ad delivery, measurement, frequency capping; UMP + Consent Mode + TCF | Advertising identifiers, ad-request signals, IP address, device / app metadata, and consent signals | Global (Google and Google partner / subprocessor facilities; EU / US included) | Google transfer safeguards, including DPF for certified US Google entities where applicable; SCCs or other safeguards where required | Google Ads Controller-Controller Data Protection Terms for AdMob controller services; Google Ads Data Processing Terms only where a processor-service feature is in scope — see https://business.safety.google/gdpr/ and https://business.safety.google/controllerterms/ | AdMob ToS accepted at AdMob account registration; Google Ads DPT acceptance recorded via Google Analytics admin on 08.05.2026 |
| 5 | Google User Messaging Platform (UMP) — Google Ireland Limited / Google LLC | Platform / mixed role, tied to AdMob privacy messaging and consent flow | Presenting GDPR consent / privacy options messages, recording and transmitting consent choices for AdMob / TCF / Consent Mode | Consent signals, privacy-message metadata, region signal, and SDK / device metadata needed to determine message availability | Global (Google and Google partner / subprocessor facilities; EU / US included) | Google transfer safeguards, including DPF for certified US Google entities where applicable; SCCs or other safeguards where required | UMP is a Google SDK used with AdMob privacy messaging. Treat with the AdMob / Google Ads controller-controller and processor terms that apply to the underlying advertising and consent flow; Google does not publish a standalone UMP DPA | Same as for Google AdMob |
| 6 | Google Play Billing / Google Play — Google Ireland Limited / Google LLC and related Google Play entities | Platform / independent controller for payment, marketplace, merchant-of-record, tax, refund, and Play account processing; recipient of purchase data surfaced through the Play Billing library | In-app premium purchases handled by Google Play; surfaces purchase token, subscription state, restoration, and refund signals back to the App via the Play Billing library | Subscription purchase and entitlement data, including purchase identifiers, subscription status, and country of purchase | Global (Google and Google partner / subprocessor facilities; EU / US included) | Google transfer safeguards, including DPF for certified US Google entities where applicable; SCCs or other safeguards where required | Google Play Developer Distribution Agreement + Google Play / payment terms. This row is included for transparency, but Google Play should not be treated as a processor for the merchant-of-record/payment portion of the flow. | Play DDA: 15.11.2018 |
| 7 | Google Play Android Publisher API — Google Ireland Limited / Google LLC | Processor for server-side API validation under Google Cloud terms | Server-side entitlement validation: backend receives a Google Play purchase token through a protected App request, validates it with the Google Play Android Publisher API, and returns only selected subscription status fields to the App for entitlement validation | Google Play purchase token sent by the backend; selected Google Play subscription status fields returned to the backend for entitlement validation | Global (Google and Google subprocessors facilities; EU / US included) | Google Data Transfer Solution, including DPF for certified US Google entities where applicable; SCCs where required | Google Cloud Data Processing Addendum — https://cloud.google.com/terms/data-processing-addendum | Cloud DPA: 08.05.2026 |
| 8 | Google Play Integrity API / Google Play — Google Ireland Limited / Google LLC | Platform / independent controller for Google Play security and abuse-prevention processing; backend remains controller for its own transient token / verdict handling and limited categorical outcome logging | App and device integrity attestation for observation-only App security and anti-abuse analysis. The App obtains a Play Integrity token and the backend decodes the verdict to measure how many users would fall under reject / warning verdict categories before deciding whether to enforce blocking later. | App and device integrity attestation data, app recognition signals, related SDK / network metadata needed to verify the integrity verdict, and limited categorical verification outcomes used for diagnostics and anti-abuse monitoring | Global (Google and Google partner / subprocessor facilities; EU / US included) | Google transfer safeguards, including DPF for certified US Google entities where applicable; SCCs or other safeguards where required | Google Play Integrity API Terms, Google Play Developer Distribution Agreement, and Google Controller-Controller Data Protection Terms; Google Play is listed by Google as a Controller Service rather than a processor service | Play DDA: 15.11.2018 |
| 9 | Hetzner — Hetzner Online GmbH (Germany) | Processor | Hosting the backend application, static media asset delivery, and backend-side logging / metrics tooling operated within the same backend hosting environment. | Connection and request technical data processed by the backend host (including IP address and request metadata); the pseudonymous app token; device, content, and reminder preferences; push-notification registration data; subscription validation data; security and anti-abuse verification data used for observation-only integrity analysis; and backend operational logs and metrics containing pseudonymous technical request metadata and diagnostic events. These data may transit through or be temporarily stored on Hetzner while the backend handles requests and keeps logs / metrics; managed database storage is listed separately in the Scaleway row. | Germany, EU (server location selected in Germany; Hetzner DPA / AVV states that if a server location within the EU is chosen, data is processed only within the EU) | In-EEA; no Art. 44 third-country transfer for this processor while the backend server remains in Germany / EU | Hetzner Data Processing Agreement / AVV — https://www.hetzner.com/AV/DPA_en.pdf; customer-account DPA acceptance — https://accounts.hetzner.com/account/dpa | 18.04.2026 |
| 10 | Scaleway Managed Database — Scaleway SAS (France) | Processor | Managed backend database storage for the device-level record: device authentication, reminder configuration, last-served content state, notification scheduling, privacy export / deletion, automated retention cleanup, and database backups. | Device-level record associated with the pseudonymous app token, including device authentication data, reminder and notification scheduling data, content state, and language / timezone preferences; the same categories may be present in database backups while retained | France, EU | In-EEA; no Art. 44 third-country transfer identified while the database and backups remain in France / EU. Reassess if database or backup location, snapshot/export, or replica configuration changes. | Scaleway Data Processing Agreement 2024 — https://www-uploads.scaleway.com/DPA_2024_ENG_b0abb5cc26.pdf; Scaleway contracts page — https://www.scaleway.com/en/contracts/; Scaleway sub-processor list — https://www.scaleway.com/en/subprocessorlist/ | 29.04.2025 |
| 11 | Cloudflare — Cloudflare, Inc. (US) / Cloudflare Ireland Ltd. (EEA contracting entity) | Processor | Reverse proxy / CDN only in front of static media asset delivery: edge caching of media assets, TLS termination, DDoS protection. Backend service traffic that handles device records, reminders, privacy requests, and subscription validation is not proxied through Cloudflare. | IP address, request metadata, and connection metadata | Global edge network (US + EU + other regions) | DPF where applicable; SCCs / UK Addendum for restricted transfers where required | Cloudflare DPA — https://www.cloudflare.com/cloudflare-customer-dpa/ | Cloudflare Self-Serve Agreement: 24.01.2017; current Cloudflare DPA v6.4 effective 03.04.2026, incorporated into Main Agreement |
We may add, replace, or remove providers and recipients from time to time. When we do, we will update this page and the "Last updated" date above. Material changes that meaningfully expand the recipients of personal data will also be reflected in the Privacy Policy.