TRUST / SUB-PROCESSORS
Third-party data processors.
Every sub-processor that may access customer data in the course of providing our services. Listed only when actually in use.
Last updated: April 2026 · 30-day notice before any addition.
| Sub-processor | Purpose | Category | Region |
|---|---|---|---|
| Cloudflare | CDN edge, DDoS mitigation on deploy domain | Infrastructure | Global |
| Hetzner / partner datacenter | VPS hosting, compute, storage | Infrastructure | EU |
| Stripe | Payment processing (when card payments go live) | Billing | US, EU |
Email and transactional notifications are not yet active (pending DNS/SPF/DKIM setup). This list will grow as services are added.
Change notifications
30-day advance notice
We notify customers before adding new sub-processors. Required for GDPR DPA compliance.
Contact [email protected]Data processing
Need a DPA?
A Data Processing Addendum is available for customers who require one for GDPR compliance.
Request via [email protected]