Sub-processors

We work only with service providers who meet strong privacy and security standards. All sub-processors are carefully selected and contractually bound to process personal data solely for the purposes of delivering our services. All processing takes place within the EU/EEA unless otherwise indicated.

This list is kept up to date. When we add new sub-processors, we will notify affected customers in accordance with our Privacy Statement.

Service / Function	Sub-Processor	Location	Purpose of Processing	Security & Compliance
Data center & network hosting	DC1 Amsterdam	The Netherlands (EU)	Hosting infrastructure and network connectivity	SOC 1 / SOC 2 / SOC 3, ISO 27001, ISO 9001, ISO 14001, ISO 45001, ISO 50001, PCI-DSS
Domain & DNS services	True	The Netherlands (EU)	Domain registration and DNS services	ISO 27001, ISO 9001, NEN 7510, ISAE 3402 Type II
CRM hosting	PerfectView	The Netherlands (EU)	Managing customer contact and sales administration	GDPR, ISO 27001
Finance & accounting platform	Exact	The Netherlands / Ireland (EU/EEA)	Financial administration and billing	GDPR, ISAE 3402 Type II, ISO 27001
Payment processing	Mollie	The Netherlands (EU)	Processing payment transactions	GDPR, PCI-DSS Level 1
Customer support platform (self-managed)	The Good Cloud	n/a	Handling support tickets and customer communication	Managed internally — no external processor
Contracted operational support	360 ICT	The Netherlands (EU)	Commercial and implementation support	GDPR-compliant processing agreement in place
Contracted operational support	Datacave	The Netherlands (EU)	Commercial and implementation support	GDPR-compliant processing agreement in place
Privacy-friendly web analytics	Matomo (self-hosted)	Germany (EU)	Website analytics without tracking profiles	GDPR, CCPA, LGPD, PECR
Uptime monitoring	UptimeRobot	Slovakia (EU)	Monitoring availability of customer Nextcloud instances	GDPR compliant