In accordance with our Data Processing Addendum (DPA) and Article 28 of the
GDPR, we maintain a current list of all third-party sub-processors that process personal data on
behalf of our customers.
What is a sub-processor?
A sub-processor is any third-party entity engaged by THE GROVVEST AI LTD to process personal data
on behalf of our customers in connection with the TaxItEasy Service.
Notification of changes
We will notify customers at least 30 days before engaging a new sub-processor or
replacing an existing one. Notifications are sent to the email address associated with your account.
If you wish to object to a new sub-processor on data protection grounds, you may do so within
14 days of receiving the notification, as described in Section 4.3 of our
DPA.
CDN & Network Security
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Cloudflare, Inc. | Content Delivery Network (CDN), DDoS protection, Web Application Firewall (WAF), and DNS | IP addresses, HTTP request headers, User-Agent strings, and technical request metadata. Cloudflare does not have access to the content of encrypted payloads or user-uploaded documents. | United States (global edge network) | EU-U.S. Data Privacy Framework / Standard Contractual Clauses |
Infrastructure & Hosting
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Hetzner Online GmbH | Kubernetes cluster hosting, managed volumes, compute, and networking | All Customer Data (documents, extracted data, account data) | Falkenstein & Nuremberg, Germany (EU) | N/A (within EEA) |
| Supabase, Inc. | Database hosting, authentication, and real-time APIs (via AWS eu-central-1) | Account data, extracted invoice data, user metadata | Frankfurt, Germany (EU) | N/A (data processed within EEA) |
AI & Document Processing
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Anthropic, PBC | AI-powered data extraction and OCR via API, invoked through self-hosted automation workflows | Document content submitted for processing (invoices, receipts); stateless API calls — no data retained by Anthropic | United States | EU-U.S. Data Privacy Framework / Standard Contractual Clauses |
Payments
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Stripe, Inc. | Payment processing, subscription management, and billing | Billing name, email, payment method details, transaction history | United States (with EU data residency for payment data) | EU-U.S. Data Privacy Framework / Standard Contractual Clauses |
Communications
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Resend, Inc. | Transactional email delivery (verification, notifications, receipts) | Email addresses, names, notification content | United States | Standard Contractual Clauses |
Backup & Storage
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| DigitalOcean, LLC | Encrypted backup storage (Spaces Object Storage) | Encrypted database backups, encrypted document backups | Frankfurt, Germany (EU) | N/A (data processed within EEA) |
Monitoring & Error Tracking
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Functional Software, Inc. (Sentry) | Application error monitoring and performance tracking with automatic PII scrubbing | Error stack traces, request metadata, browser/device info; PII is automatically scrubbed before transmission | United States | EU-U.S. Data Privacy Framework / Standard Contractual Clauses |
Important notes
- Your documents are never used for AI training. Anthropic processes your documents solely for data extraction via stateless API calls. Documents are not stored by Anthropic beyond the duration of the API request and are not used to train or improve any AI models.
- Payment data is handled by Stripe. We do not store credit card numbers, CVVs, or full payment details on our own systems. All payment processing is handled by Stripe in accordance with PCI DSS standards.
- EU data residency. All primary data storage and processing occurs within the European Union. Transfers to the United States (for AI processing, payment, email, and error monitoring) are protected by the transfer mechanisms listed above.
- Self-hosted components. Our automation workflows (N8N) and object storage (MinIO) are self-hosted on our own EU infrastructure (Hetzner) and are not sub-processors. They do not involve third-party data processing.
- Error monitoring with PII scrubbing. Sentry automatically scrubs personally identifiable information (PII) from error reports before transmission. No document content, invoice data, or user-uploaded files are sent to Sentry.
- Backup encryption. All backups stored on DigitalOcean Spaces are encrypted at rest. Database backups use pg_dump with maximum compression and are encrypted before upload.
- Cloudflare as network proxy. All web traffic to taxiteasy.org passes through Cloudflare’s network. Cloudflare processes IP addresses and request metadata for security purposes. It does not have access to your documents, invoice data, or account content. Cloudflare sets two strictly necessary security cookies (__cf_bm, cf_clearance) for bot detection and DDoS protection.
Change log
| Date | Change |
| March 2026 | Added Cloudflare, Inc. as CDN & Network Security sub-processor |
| March 2026 | Initial publication |
Questions?
If you have questions about our sub-processors or data processing practices, please contact us at
.
THE GROVVEST AI LTD – Evangelou Floraki 10, Villa 4, 8220 Paphos, Cyprus – HE 478768