Sub-processor List
Last updated: February 9, 2025
1. Current Sub-processors
The following sub-processors are authorized to process personal data on behalf of Secure Tenant's customers. This list is maintained pursuant to Article 28 of the GDPR and our Data Processing Agreement.
| Sub-processor | Location | Purpose | Data Processed |
|---|---|---|---|
| Microsoft Azure | EU (West Europe) | Cloud hosting, data storage, and computing infrastructure | All Customer Data, account data, scan results |
| Stripe, Inc. | United States (EU-US DPF certified) | Payment processing and subscription management | Payment information, billing details, transaction history |
| Microsoft Graph API | EU / United States | Read-only API access to Customer's Microsoft 365 tenant data | Microsoft 365 Tenant Data (security configurations, audit logs, user metadata) |
2. Changes to Sub-processors
In accordance with our Data Processing Agreement, we will notify customers at least 30 days in advance before adding or replacing a sub-processor. Notifications are sent via email to the registered account address. Customers may object to the appointment of a new sub-processor within 14 days of receiving notification.
3. Objection Process
If you wish to object to a new sub-processor, please contact us at contact@secure-tenant.com within 14 days of receiving the notification. We will work with you in good faith to address your concerns. If we cannot resolve your objection within 30 days, you may terminate the affected services without penalty, as described in the DPA.
4. Subscribe to Updates
To receive notifications about changes to our sub-processor list, ensure your account notification settings include sub-processor updates, or contact us at contact@secure-tenant.com to be added to the notification list.
5. Contact
For questions about our sub-processors:
- Email: contact@secure-tenant.com
- Secure Tenant, Diepmeerven 33, 5645KG Eindhoven, Netherlands