Entity: PT Panca Gala Mandiri
Contact: legal@invoicebest.com
Overview
We use carefully selected third‑party service providers (subprocessors) to help us deliver the Invoice Best service. Each subprocessor only receives the minimum personal data necessary for the task, under a written agreement with confidentiality and security obligations. For details on our privacy practices, see our Privacy Policy.
Change notifications. For material changes (e.g., adding a new subprocessor for core data), we will provide at least 30 days’ notice via in‑app or website notice before the change takes effect.
Current Subprocessors
| Subprocessor | Purpose | Categories of Personal Data | Typical Data Subjects | Processing Location(s) | Notes |
|---|---|---|---|---|---|
| Supabase | Database hosting, storage, daily backups | Account data, Customer Content metadata, audit logs | Account users; your invoice recipients (as part of Customer Content) | Global (provider‑managed regions) | Encryption at rest & in transit; daily backups retained ~35–90 days |
| Dodo Payments | Subscription payment processing (global) | Billing contact details, plan info, transaction metadata (no full card numbers stored by us) | Account billing contacts | Global (provider‑managed) | Processor for subscription fees only; not used to settle your outbound invoices |
| Midtrans | Subscription payment processing (Southeast Asia) | Billing contact details, plan info, transaction metadata | Account billing contacts | Indonesia / SEA | Processor for subscription fees only |
| OpenAI | AI inference for optional features (e.g., insights, categorization, text processing) | Prompts/content you submit for AI processing; usage metadata | Account users; data present in prompts | Global (provider‑managed) | API data not used to train models by default (opt‑in only); limited retention for abuse monitoring |
| Google Gemini | AI inference for optional features | Prompts/content you submit for AI processing; usage metadata | Account users; data present in prompts | Global (provider‑managed) | When used as a Paid Service (billing‑enabled), prompts/responses are not used to train models. Abuse‑monitoring logs retained for ~55 days; optional log‑sharing for model improvement is opt‑in |
| Resend | Transactional email delivery (e.g., login, billing, alerts) | Account email, message metadata, delivery/bounce data | Account users; invoice recipients (where applicable) | United States | DPA with SCCs; data stored in the US |
| Analytics provider (TBD) | Product analytics to improve the Service | Pseudonymous identifiers, device/browser data, page/app events | Site visitors; account users | Global (provider‑managed) | Non‑essential; controlled via cookie preferences where available |
Data Processing Details
Controller vs. Processor. We are the controller for account/billing/support/analytics data. We act as your processor for Customer Content (e.g., invoice data) and send it to AI providers only when you invoke AI features.
Legal safeguards. We use appropriate safeguards for international transfers (e.g., EU/UK Standard Contractual Clauses where applicable). Subprocessors are bound by confidentiality and security obligations.
Security. We require encryption in transit and at rest where supported, access controls, and least‑privilege access. See the Security section of our Privacy Policy.
Retention. We keep personal data only as long as necessary to provide the service and meet legal obligations. Backups are typically retained ~35–90 days.
Subprocessor Changes Log
- 2025‑11‑12: Initial publication of subprocessor list (Supabase, Dodo Payments, Midtrans, OpenAI, Google Gemini; placeholders for email/analytics providers).
Questions or Objections
Enterprise customers may request additional information or raise reasonable objections to a new subprocessor by emailing legal@invoicebest.com within the notice period. If an objection cannot be resolved, we will work in good faith to provide a commercially reasonable alternative or discuss termination rights per your agreement.
