This page lists all sub-processors that may process personal data on behalf of Disso Security.
| Sub-Processor | Processing Activities | Location of Data Storage | Data Transfer Safeguards |
|---|---|---|---|
| DigitalOcean | Hosting infrastructure and cloud storage for application deployment | EU - Amsterdam / Frankfurt | Standard Contractual Clauses (SCCs), Data Processing Agreement (DPA) |
| Microsoft Azure | Cloud infrastructure for compute, storage, and networking services | EU - France | Standard Contractual Clauses (SCCs), EU-US Data Privacy Framework, Microsoft DPA |
| Cloudflare | CDN / edge network / security / caching / traffic distribution / TLS termination / edge routing | EU (with Regional Services / Data Localization Suite configured) | Cloudflare Data Localization Suite (Regional Services + Geo Key Manager / Customer Metadata Boundary), ensures HTTPS-traffic processing and metadata stay within EU data centers. :contentReference[oaicite:3]{index=3} |
| Better Stack | Monitoring, error tracking, log management, alerting, incident & uptime management | EU (data stored in EU data centers by default) ✔ GDPR-compliant. :contentReference[oaicite:4]{index=4} | SOC 2 Type II, GDPR compliance, ISO/IEC 27001-certified data centers, Data Processing Agreement (DPA) available. :contentReference[oaicite:5]{index=5} |
| Intercom | Customer support chat, messaging, and user engagement services | EU | Standard Contractual Clauses (SCCs), Data Processing Agreement (DPA), EU-US Data Privacy Framework |
| Jira (Atlassian) | Ticketing, issue tracking, and project management involving user data | EU | Standard Contractual Clauses (SCCs), Atlassian DPA, EU-US Data Privacy Framework |
| Mistral | Processing user communications via GenAI models | EU (France, as of 2024) | Typically only EU-based processing; compliant with EU data protection standards |
| HubSpot | Customer relationship management, marketing automation, and user communications | EU | Standard Contractual Clauses (SCCs), HubSpot DPA, EU-US Data Privacy Framework |
| Slack | Internal communication potentially involving user data (e.g., error logs) | EU | Standard Contractual Clauses (SCCs), Slack DPA, EU-US Data Privacy Framework |
| Stripe | Payment processing and billing (if used) | EU / US (depending on Stripe config) | Stripe Data Processing Agreement (DPA), EU-US Data Privacy Framework and applicable contractual safeguards |
Disso Security engages certain third-party service providers to assist in providing our services. These entities process personal data on our behalf and are contractually bound to process data in accordance with our instructions and applicable data protection laws.
We implement appropriate technical and organizational measures to ensure that these sub-processors provide sufficient guarantees to protect your personal data. We regularly review and update this list to reflect any changes in our sub-processor relationships.
For more information about how we process personal data, please refer to our Privacy Policy.