Sub-processors

Privacy, terms of service and legal information for using the Kopexa platform.

Sub-processors

Effective since January 1, 2026

Kopexa Sub-processors and Affiliates

Kopexa uses certain third-party providers and affiliates listed on this page to process customer data as part of providing the Kopexa Services. Terms not defined on this page have the meaning assigned to them in the Kopexa Terms of Service or the written agreement between you and Kopexa.

1. Cloudflare, Inc. (United States)

  • Service: Cloud services, security & content delivery network
  • Purpose: Performance optimization, DDoS protection, TLS termination, security monitoring and global data distribution.
  • Hosting location: Local – processing in the data center nearest to the end user.
  • Legal basis: Art. 45 GDPR (EU-US DPF) + Art. 46(2)(c) GDPR (EU SCCs).
  • Documentation: cloudflare.com/dpa | dataprivacyframework.gov

2. Stripe, Inc. (United States)

  • Service: Payment processing platform
  • Purpose: Processing subscriptions, invoicing, fraud prevention and refunds.
  • Hosting location: EU (Ireland) and United States.
  • Legal basis: Art. 45 GDPR (EU-US DPF) + Art. 46(2)(c) GDPR (EU SCCs).
  • Documentation: stripe.com/legal/dpa

3. OVHcloud (France)

  • Service: Infrastructure hosting
  • Purpose: Hosting application servers, databases and storage of customer data.
  • Hosting location: France & Germany.
  • Legal basis: No third-country transfer (processing exclusively within the EU).

4. Microsoft Azure (Ireland)

  • Service: Cloud infrastructure
  • Purpose: Hosting specific workloads (e.g., AI integrations, storage, compute).
  • Hosting location: Germany & EU.
  • Legal basis: No third-country transfer (processing exclusively within the EU).

5. Plus Five Five, Inc. (Resend)

  • Service: Transactional email service
  • Purpose: Sending automated platform emails (notifications, invitations, password resets).
  • Hosting location: EU (Germany) & United States.
  • Legal basis: Art. 45 GDPR (EU-US DPF, certified March 2025) + Art. 46(2)(c) GDPR (EU SCCs).
  • Documentation: resend.com/legal/dpa

6. OpenAI, L.L.C. (United States)

  • Service: Generative AI APIs
  • Purpose: Processing prompts to provide automated content suggestions and compliance assistance.
  • Hosting location: United States.
  • Legal basis: Art. 46(2)(c) GDPR (EU SCCs).
  • Documentation: openai.com/policies/data-processing-addendum