As part of our commitment to transparency and compliance with the General Data Protection Regulation (GDPR), we maintain the following list of third-party sub-processors that process personal data on our behalf. These sub-processors are engaged to provide specific services necessary for our operations.
| Sub-Processor | Purpose | Location |
|---|---|---|
| Microsoft Azure | Compute, object storage | EU/EEA |
| Auth0 (Okta) | Authentication | EU/EEA |
| Amazon AWS | Backups | EU/EEA |
| Postmark | Transactional email | USA |
Each sub-processor is contractually bound to adhere to GDPR requirements, ensuring the protection and security of personal data.
Postmark Data Protection Clause Postmark stores and processes data in the USA. However, all data transfers are protected under a Data Processing Agreement (DPA) that ensures compliance with GDPR requirements, including appropriate safeguards such as Standard Contractual Clauses (SCCs).
Data Residency Clause: All personal data is stored and processed exclusively within the EU/EEA, except for Postmark, which is stored in the USA with GDPR-compliant safeguards in place.
For any questions regarding our sub-processors, please contact us using the contact data available here: GDPR & Integritetspolicy
This list was last updated 2024-11-15