Privacy

Subprocessors

Syvera uses the following sub-processors to provide our services. All sub-processors are contractually bound to comply with GDPR. Customers with a DPA are notified of changes at least 30 days in advance.

EU/EEA — no transferAdequacy decisionEU Standard Contractual ClausesBinding Corporate Rules

9 entries

Company

Category

Purpose

Data

Transfer

Since

Hetzner Online GmbH

🇩🇪 Gunzenhausen, DE

Privacy

Infrastructure

Cloud hosting, server operations, data storage

All processed customer data, log data

EU/EEA

Jan 2024

Cloudflare, Inc.

🇺🇸 San Francisco, CA, USA

Privacy

Infrastructure

CDN, DDoS protection, DNS, Web Application Firewall

IP addresses, HTTP request metadata

SCC

Jan 2024

Stripe, Inc.

🇺🇸 South San Francisco, CA, USA

Privacy

Payments

Payment processing, invoicing, fraud detection

Billing address, payment data, transaction data

SCC

Jan 2024

Postmark (ActiveCampaign)

🇺🇸 Chicago, IL, USA

Privacy

Transactional emails (registration, password reset, notifications)

Email address, name, email content

SCC

Jan 2024

Sentry (Functional Software, Inc.)

🇺🇸 San Francisco, CA, USA

Privacy

Monitoring

Error tracking, performance monitoring, crash reports

IP addresses, user IDs, stack traces, browser metadata

SCC

Feb 2024

Plausible Analytics

🇩🇪 Tallinn, EE (Server DE)

Privacy

Analytics

Privacy-friendly website analytics (cookieless)

Aggregated page views, referrer, device type (no personal data)

EU/EEA

Mar 2024

Crisp IM S.A.S.

🇫🇷 Nantes, France

Privacy

Support

Customer support chat, helpdesk, knowledge base

Name, email address, chat history, IP address

EU/EEA

Apr 2024

GitHub, Inc. (Microsoft)

🇺🇸 San Francisco, CA, USA

Privacy

Development

Version control, CI/CD pipelines, code hosting

Developer account data, no customer data

SCC

Jan 2024

Linear Orbit, Inc.

🇺🇸 San Francisco, CA, USA

Privacy

Internal Tools

Internal project management, issue tracking (no customer data)

Employee data, internal project information

SCC

Jun 2024

Hetzner Online GmbH

🇩🇪 Gunzenhausen, DE

EU/EEA

Infrastructure

Cloud hosting, server operations, data storage

All processed customer data, log data

Cloudflare, Inc.

🇺🇸 San Francisco, CA, USA

SCC

Infrastructure

CDN, DDoS protection, DNS, Web Application Firewall

IP addresses, HTTP request metadata

Stripe, Inc.

🇺🇸 South San Francisco, CA, USA

SCC

Payments

Payment processing, invoicing, fraud detection

Billing address, payment data, transaction data

Postmark (ActiveCampaign)

🇺🇸 Chicago, IL, USA

SCC

Transactional emails (registration, password reset, notifications)

Email address, name, email content

Sentry (Functional Software, Inc.)

🇺🇸 San Francisco, CA, USA

SCC

Monitoring

Error tracking, performance monitoring, crash reports

IP addresses, user IDs, stack traces, browser metadata

Plausible Analytics

🇩🇪 Tallinn, EE (Server DE)

EU/EEA

Analytics

Privacy-friendly website analytics (cookieless)

Aggregated page views, referrer, device type (no personal data)

Crisp IM S.A.S.

🇫🇷 Nantes, France

EU/EEA

Support

Customer support chat, helpdesk, knowledge base

Name, email address, chat history, IP address

GitHub, Inc. (Microsoft)

🇺🇸 San Francisco, CA, USA

SCC

Development

Version control, CI/CD pipelines, code hosting

Developer account data, no customer data

Linear Orbit, Inc.

🇺🇸 San Francisco, CA, USA

SCC

Internal Tools

Internal project management, issue tracking (no customer data)

Employee data, internal project information

Change notifications

We notify customers with a Data Processing Agreement (DPA) by email at least 30 days before engaging a new or changed sub-processor. Without objection within this period, the change is deemed approved.

View DPA →Privacy Policy →

Last updated: April 2026 · Version 1.0