In accordance with our Data Processing Addendum (DPA) and Article 28 of the
GDPR, we maintain a current list of all third-party sub-processors that process personal data on
behalf of our customers.
What is a sub-processor?
A sub-processor is any third-party entity engaged by THE GROVVEST AI LTD to process personal data
on behalf of our customers in connection with the TaxItEasy® Service.
Notification of changes
We will notify customers at least 30 days before engaging a new sub-processor or
replacing an existing one. Notifications are sent to the email address associated with your account.
If you wish to object to a new sub-processor on data protection grounds, you may do so within
14 days of receiving the notification, as described in Section 4.3 of our
DPA.
CDN & Network Security
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Cloudflare, Inc. | Content Delivery Network (CDN), DDoS protection, Web Application Firewall (WAF), and DNS | IP addresses, HTTP request headers, User-Agent strings, and technical request metadata. Cloudflare does not have access to the content of encrypted payloads or user-uploaded documents. | United States (global edge network) | EU-U.S. Data Privacy Framework / Standard Contractual Clauses |
Infrastructure & Hosting
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| DigitalOcean, LLC | Kubernetes cluster (DOKS), managed PostgreSQL database, container registry, networking, in-cluster Redis | All Customer Data (documents, extracted data, account data, audit logs) | Frankfurt, Germany (EU) — FRA1 region | Data residency in EU; DigitalOcean is a US-incorporated company — SCCs apply for any controller-incidental access. Client-side encryption (envelope encryption MEK/UEK/DEK) ensures DigitalOcean never sees plaintext document data. |
AI & Document Processing
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Anthropic, PBC | AI-powered data extraction and OCR via Claude API, called directly from our Celery workers in DOKS Frankfurt over HTTPS | Document content submitted for processing (invoices, receipts). Retention follows Anthropic's commercial default (up to 30 days for safety monitoring); contractual zero-retention addendum in negotiation. | United States | EU-U.S. Data Privacy Framework / Standard Contractual Clauses |
Payments
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Stripe, Inc. | Payment processing, subscription management, and billing | Billing name, email, payment method details, transaction history | United States (with EU data residency for payment data) | EU-U.S. Data Privacy Framework / Standard Contractual Clauses |
Communications
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Resend, Inc. | Transactional email delivery (verification, notifications, receipts) | Email addresses, names, notification content | United States | Standard Contractual Clauses |
Object Storage & Backup
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| DigitalOcean Spaces (LLC) | Encrypted object storage for documents and database backups | Encrypted documents (per-file DEK), encrypted database backups | Frankfurt, Germany (EU) — FRA1 region | EU data residency; DigitalOcean LLC US-incorporated — SCCs apply for controller-incidental access. Document content is encrypted client-side before upload (DigitalOcean never sees plaintext). |
Monitoring & Error Tracking
| Sub-processor | Purpose | Data processed | Location | Transfer mechanism |
| Functional Software, Inc. (Sentry) | Application error monitoring and performance tracking with automatic PII scrubbing | Error stack traces, request metadata, browser/device info; PII is automatically scrubbed before transmission | United States | EU-U.S. Data Privacy Framework / Standard Contractual Clauses |
Important notes
- Your documents are never used for AI training. Anthropic's terms of service explicitly exclude commercial API traffic from training data. Retention of API request content follows Anthropic's commercial default (up to 30 days for safety monitoring, after which it is deleted); a contractual zero-retention addendum is in active negotiation between TaxItEasy and Anthropic.
- Payment data is handled by Stripe. We do not store credit card numbers, CVVs, or full payment details on our own systems. All payment processing is handled by Stripe in accordance with PCI DSS standards.
- EU data residency. All primary data storage and processing occurs within the European Union. Transfers to the United States (for AI processing, payment, email, and error monitoring) are protected by the transfer mechanisms listed above.
- Application-layer encryption. All sensitive document content and database fields (Tax IDs, IBANs, OCR text) are encrypted at the application layer with envelope encryption (AES-256-GCM, MEK/UEK/DEK hierarchy) before being written to DigitalOcean infrastructure. The hosting provider never sees plaintext data.
- Error monitoring with PII scrubbing. Sentry automatically scrubs personally identifiable information (PII) from error reports before transmission. No document content, invoice data, or user-uploaded files are sent to Sentry.
- Backup encryption. All backups stored on DigitalOcean Spaces are encrypted at rest. Database backups use pg_dump with maximum compression and are encrypted before upload.
- Cloudflare as network proxy. All web traffic to taxiteasy.org passes through Cloudflare’s network. Cloudflare processes IP addresses and request metadata for security purposes. It does not have access to your documents, invoice data, or account content. Cloudflare sets two strictly necessary security cookies (__cf_bm, cf_clearance) for bot detection and DDoS protection.
Change log
| Date | Change |
| March 2026 | Added Cloudflare, Inc. as CDN & Network Security sub-processor |
| March 2026 | Initial publication |
Questions?
If you have questions about our sub-processors or data processing practices, please contact us at
.
THE GROVVEST AI LTD – Evangelou Floraki 10, Villa 4, 8220 Paphos, Cyprus – HE 478768