A complete list of the third-party services BRANDED IAM uses that process client data, what data each receives, and why.
In delivering our services, BRANDED IAM uses a number of third-party tools and platforms. Some of these process your data as part of service delivery. We're fully transparent about who these parties are and what data they handle.
Sub-Processors We Use
- Stripe (stripe.com): Payment processing. Receives your billing name, address, and payment card data. Subject to PCI DSS compliance. We never store raw card data ourselves — Stripe handles all payment card processing.
- Microsoft Azure: Cloud hosting and infrastructure. All portal data and website hosting runs on Microsoft's Azure cloud platform. Data is stored in US data centers.
- Microsoft 365: For clients on managed IT plans, Microsoft processes email, files, and other business data as part of their cloud service agreement. Subject to Microsoft's DPA and ISO 27001 certification.
- Resend (resend.com): Transactional email delivery. Used to send invoices, ticket notifications, password resets, and other system emails. Receives your email address and the content of system-generated emails.
- Google Analytics: Website analytics. Receives anonymized browsing data for brandediam.com. IP addresses are anonymized. No personal account data is shared with Google Analytics.
- Supabase: Database and authentication infrastructure for the client portal. Stores account data, ticket records, and project data. Located on AWS infrastructure in the US.
What We Don't Do
We do not sell your data to any third party. We do not share your data with advertisers beyond standard retargeting pixels. We do not use your data to train AI models. Any new sub-processors are added to this list before they begin processing client data.