In accordance with data protection regulations, including the GDPR, we maintain a list of all sub-processors that we engage to process personal data on our behalf. Below is our current list of sub-processors that have access to customer data.
Our Sub-processors
Supabase
Location: EU (Frankfurt, Germany)
Purpose: Database and authentication infrastructure
Data Processed: Customer data, user profiles, compliance documents
Transfer Mechanism: Standard Contractual Clauses (SCCs)
Vercel
Location: EU (London, United Kingdom)
Purpose: Hosting and deployment platform
Data Processed: Application data, user session information
Transfer Mechanism: Standard Contractual Clauses (SCCs)
Anthropic
Location: United States (San Francisco, CA)
Purpose: AI model processing for GDPR compliance analysis
Data Processed: Customer documents for compliance analysis
Transfer Mechanism: Standard Contractual Clauses (SCCs)
Resend
Location: United States (San Francisco, CA)
Purpose: Email delivery and notifications
Data Processed: Email addresses, notification content
Transfer Mechanism: Standard Contractual Clauses (SCCs)
Stripe
Location: EU (Dublin, Ireland) / United States
Purpose: Payment processing and billing
Data Processed: Payment information, billing records
Transfer Mechanism: Standard Contractual Clauses (SCCs)
Changes to Sub-processors
We regularly review our sub-processors and may add or remove sub-processors from time to time. If we add new sub-processors, we will update this list and notify our customers as required by applicable data protection laws. We are committed to maintaining transparency about how customer data is processed.
Data Processing Agreements
All of our sub-processors have entered into data processing agreements with us that require them to process data only on our instructions and to implement appropriate security measures. These agreements comply with the requirements of the GDPR and other applicable data protection regulations.
Contact Us
If you have any questions about our sub-processors or how your data is processed, please contact us at compliance@rowpa.app.