Customer-Authorized Third-Party Services
In addition to the Sub-Processors listed below, Customer may authorize Headline to access certain third-party services — including GitHub, GitLab, Bitbucket, Anthropic, Stripe, and Chargebee — using Customer's own credentials, API keys, or OAuth authorization. Where Headline accesses such services pursuant to Customer's authorization, Headline does so solely on Customer's behalf, using permissions and credentials Customer granted or provided directly. Headline's subsequent use of data received from such services is governed by the MSA and this DPA, including any provisions relating to Enhanced Data Usage, anonymized or aggregated data, and internal use to operate, improve, or develop the Service.
Such third-party services are independent data controllers with whom Customer has a direct contractual and billing relationship. Headline does not engage them as Sub-Processors, and their processing of Customer's data is governed by Customer's agreements with those platforms rather than by this DPA.