Legal

Subprocessors

To provide our services efficiently and securely, we engage with third-party service providers, known as subprocessors. These subprocessors may process personal data on our behalf, and we take careful steps to ensure they comply with all relevant data protection laws, including the GDPR. Below, you will find detailed information about each of our subprocessors.

Subprocessor	Categories of Personal Data	Location of Processing	Compliance Links
Hetzner Online GmbH Cloud hosting provider	Customer data, application data, databases, log data	Germany; EU GDPR compliant; servers in Germany (Falkenstein and Nürnberg)	Certificates - Hetzner Docs Privacy Policy
Cloudflare, Ltd. Content delivery network provider	Personal data contained in user account information and text or files created by customers	Customer traffic is processed globally at the data center closest to the end user	Certifications and Compliance Resources Privacy Policy
Supabase Inc. User authentication and database management	Personal data, user authentication data, general user-related data	Operates on AWS cloud infrastructure; data may transfer across borders	Security at Supabase Privacy Policy
Stripe, Inc. Payment processing	Payment information, including credit card details, billing information, transaction data	Global; data transfers may cross borders depending on processing agreements	Stripe's Security and Compliance Privacy Policy
InterNetX GmbH Domain and certificate management	Customer data related to domain registration, SSL certificates, and associated contact information	Germany; GDPR compliant	InterNetX Compliance Privacy Policy
Hosting Concepts BV (Openprovider) Domain registration, management, and reseller platform	Domain registration data, registrant and administrative contact details (names, addresses, email addresses, phone numbers), technical domain metadata (nameservers, DNS records, auth codes), certificate-related contact data, and associated customer account information	Netherlands; EU-based processing under GDPR	ISO 27001 Certification Privacy Policy
Proton AG Secure email and document storage	Internal documents, email communications, cloud-stored data	Switzerland; data processed under Swiss privacy laws with potential cross-border data transfers	Proton Security Privacy Policy
Resend (Plus Five Five, Inc.) Email communication services	Email addresses, contact information of subscribers, and email content	AWS servers in North Virginia (us-east-1); subject to US data transfer laws	Resend's Security Measures Privacy Policy
Sentry (Functional Software, Inc.) Application error tracking, performance monitoring, and observability platform	Application error events, stack traces, logs, performance metrics; identifiers such as IP addresses, usernames, or email addresses	European Union (EU); data stored and processed in EU-based data centers (Frankfurt, Germany) according to organization settings	Data Storage Location Privacy Policy Security & Compliance
BuchhaltungsButler GmbH Accounting and financial management	Financial data, payment information, accounting records; customer data also if payments are directly processed through Stripe	Germany; EU GDPR compliant	Data Protection Privacy Policy TOMs pursuant to Article 32 GDPR
Revolut Bank UAB Banking and payment services	Financial data related to payments and transactions	Global; subject to financial regulations based on transaction locations	Revolut Privacy Security Compliance
PayPal (Europe) S.à r.l. et Cie, S.C.A. Payment processing	Payment and financial data related to transactions	Global; data transfers depend on customer locations and PayPal's processing agreements	PayPal Privacy PayPal Security
OpenAI, L.L.C. AI-powered language and analysis services (ChatGPT Business)	Contextual input data provided by authorized staff for internal analysis and support, which may include limited customer-related information (e.g. domain names, technical details); data is not used for model training	Global; data processed in OpenAI-managed infrastructure with appropriate safeguards for international data transfers, including Standard Contractual Clauses (SCCs)	Trust & Security Privacy Policy Data Processing Addendum (DPA)

We are committed to maintaining transparency with our users regarding how their data is processed by our partners. We regularly review and update our subprocessor list to ensure compliance with all relevant data protection laws. Should there be any changes to our subprocessors that may affect your personal data, we will update this page accordingly and notify you.

If you have any questions or concerns about our subprocessors or how your data is processed, please feel free to contact us at compliance@dashio.net.

Last updated: 10.01.2026