Sub-processors.

Stripe, Inc. — payment processing. Purpose: billing your subscription in USD and handling refunds. Processes billing identifiers and payment data. May process data in the United States. Privacy: stripe.com/privacy.

Cloudflare, Inc. — content delivery network and DDoS protection. Purpose: delivering and protecting the Service; processes technical connection data. May process data in the United States.

Hostinger International Ltd. — managed VPS hosting and DNS infrastructure. Purpose: running the resolver and application servers and processing DNS query metadata. May process data in the United States / EU.

Microsoft Corporation (Microsoft Clarity) — marketing-site analytics. Purpose: session replays and heatmaps on our public marketing pages to understand and improve usage. May process data in the United States.

Vercel, Inc. — application hosting. Purpose: hosting and serving the web application and marketing pages. May process data in the United States.

Several sub-processors are located in the United States or operate global infrastructure there. Where personal data leaves the EEA, the UK or Türkiye, we rely on appropriate safeguards such as Standard Contractual Clauses or, where applicable, your explicit consent.

Business customers who act as data controllers can request a Data Processing Agreement under Article 28 of the GDPR. Contact support@guardino.ai to put one in place.

We keep this list current. Where a change to our sub-processors is material, we will update this page and, where required, give affected parties notice.

Questions: support@guardino.ai.