Third-Party Data Processors

Last updated: December 27, 2024

Under GDPR Article 28, we are required to disclose the third-party data processors that help us provide our services. All processors listed below are bound by Data Processing Agreements (DPAs) ensuring GDPR compliance.

🖥 Infrastructure & Hosting

These processors provide the infrastructure on which our platform runs.

Hetzner Online GmbH

EU-based

Primary hosting infrastructure and dedicated servers

Location: Germany (EU)
Data: Server logs, IP addresses
Privacy Policy →

Cloudflare, Inc.

EU SCCs

CDN, DDoS protection, and DNS services

Location: USA (EU SCCs in place)
Data: IP addresses, HTTP logs
Privacy Policy →

💳 Payment Processing

These processors handle payment transactions securely.

Stripe Payments Europe, Ltd.

EU-based

Credit card and online payment processing

Location: Ireland (EU)
Data: Name, email, card details, billing address
Certification: PCI DSS Level 1
Privacy Policy →

PayPal (Europe) S.a.r.l. et Cie, S.C.A.

EU-based

Alternative payment processing

Location: Luxembourg (EU)
Data: Name, email, transaction details
Privacy Policy →

🌐 Domain Registration

These processors are involved in domain name registration services.

ROTLD (ICI Bucharest)

EU-based

.RO domain registry (required by Romanian law)

Location: Romania (EU)
Data: Registrant contact information
Privacy Policy →

OpenSRS (Tucows)

EU SCCs

International domain registration

Location: Canada (EU SCCs in place)
Data: Registrant/admin/tech contact details
Privacy Policy →

Email Services

These processors handle transactional email delivery.

Mailgun Technologies, Inc.

EU SCCs

Transactional email delivery (invoices, notifications)

Location: USA (EU region available)
Data: Email addresses, message content
Privacy Policy →

📈 Analytics

These tools help us understand platform usage and improve our services.

Matomo (Self-hosted)

Self-hosted

Privacy-focused website analytics

Location: Our EU servers (no third-party)
Data: Page views, anonymized IP, device info

Data is not shared with third parties.

🔒 SSL Certificates

Certificate authorities that issue SSL certificates for our customers.

Let's Encrypt (ISRG)

Public Benefit

Free SSL certificate issuance

Location: USA
Data: Domain names, account email
Privacy Policy →

International Transfer Safeguards

For processors located outside the EEA, we ensure data protection through:

EU SCCs

Standard Contractual Clauses approved by the European Commission for international data transfers.

EU-US DPF

EU-US Data Privacy Framework certification where applicable.

Data Processing Agreements

All processors listed above have signed Data Processing Agreements (DPAs) with us that include:

  • Clear description of processing activities
  • Obligations regarding data security
  • Sub-processor notification requirements
  • Data subject rights assistance
  • Audit rights
  • Data deletion upon termination

Updates to This List

We may update this list as we add or change service providers. Material changes will be communicated through our platform and may be reflected in our Privacy Policy updates.

Questions?

If you have questions about our data processors or require copies of relevant DPAs, please contact:

Data Protection Officer: dpo@pragmatichost.com

Privacy Policy Terms of Service Cookie Policy