OrgMyx, Inc. (“OrgMyx”) uses select third-party service providers (“Sub-Processors”) to assist in delivering OrgMyx. Each Sub-Processor has been evaluated for its privacy, security, and data handling practices prior to engagement. We provide customers at least 30 days’ advance notice before adding new Sub-Processors. For full details on our data processing practices, see our Privacy Policy and Data Processing Agreement.
| Sub-Processor | Type of Service | Hosting Region | Data Transfer |
|---|---|---|---|
| Amazon Web Services, Inc. | Cloud infrastructure & data hosting | United States (us-east-2) | N/A |
| WorkOS, Inc. | Authentication & identity management | United States | N/A |
| Stripe, Inc. | Payment processing | United States | N/A |
| Wildbit, LLC (d/b/a Postmark) | Email delivery services | United States | N/A |
| Liveblocks, Inc. | Real-time collaboration services | United States | N/A |
Our Due Diligence Process
Prior to engaging any Sub-Processor, OrgMyx conducts a security and privacy assessment that includes: review of the Sub-Processor’s SOC 2 Type II report or equivalent security certification; review of privacy practices and Data Processing Agreement; assessment of data encryption practices; evaluation of access controls and incident response capabilities; and verification of data processing locations. Sub-Processors are reviewed at least annually or when significant changes occur.
Change Notifications
We provide at least 30 days’ advance notice before engaging a new Sub-Processor that processes customer personal data. To receive notifications of Sub-Processor changes, email privacy@orgmyx.com with the subject line “Subscribe: Sub-Processor Updates.”
Questions
For questions about our Sub-Processors or data processing practices:
Privacyprivacy@orgmyx.com© 2026 OrgMyx, Inc. All rights reserved.