CommunityBridge Subprocessor and Third-Party Services List
Working list of services referenced in the workspace. Confirm production usage before sharing externally.
Review required: This is a starter list compiled from workspace evidence. It should be reviewed against the actual production environment and contractual status before being presented as a final subprocessor list. |
Referenced services and tools
Service / Tool | Observed purpose | Share externally only after confirming |
Firebase | Authentication, data, storage, and related application services are referenced in the workspace. | Production usage, configuration, contract status |
Expo / EAS | Mobile build, distribution, and update tooling are referenced. | Release and deployment scope |
Sentry | Crash and error monitoring configuration is referenced. | Production enablement and retention details |
Google services | Google platform or mapping-related configuration surfaces may be referenced in the workspace. | Which services are enabled in production |
Twilio | SMS-related server configuration surfaces appear in the workspace. | Whether active in production and under what conditions |
Email / SMTP provider | Email-based communication and 2FA-related configuration surfaces are referenced. | Specific provider, contract, and approved use |
What to finalize
- Final vendor name and service description
- Location or region where the service processes data
- Customer-facing purpose statement
- Contract and security review status
- Whether a BAA or similar agreement is in place where needed