Sub-processors
Last updated: 2026-05-07
This page lists the third-party providers (sub-processors) that handle personal data on behalf of CalProof to deliver the service. CalProof is a trading name of Crocker Digital Ltd, registered in England and Wales under Company No. 17008789.
We act in two capacities (see Privacy Policy §1): we are the controller for your account data, and we are the processor for personal data contained in the calibration records, certificates, and audit-pack data you upload. The providers below act as our processors for the account-data processing, and as your further processors (sub-processors of CalProof as processor) for the calibration-record processing governed by our Data Processing Agreement.
We will give active customers at least 30 days' notice by email before adding a new sub-processor that handles personal data, or before changing an existing sub-processor in a way that materially affects how your data is processed. If you object to a planned change, you can cancel your subscription before it takes effect and we will refund any unused prepaid fees on a pro-rata basis.
1. Current sub-processors
| Sub-processor | Purpose | Data categories | Region |
|---|---|---|---|
| Supabase (Postgres + Auth + Storage) | Application database, user authentication, certificate file storage | Account email, name, calibration data, certificate PDFs, audit log | UK (London) — eu-west-2 |
| Stripe Payments Europe | Payment processing, subscription billing | Payment method (tokenised), billing email, invoices | EU (Ireland) + US group support |
| Resend (Plus Five Five, Inc.) | Transactional + lifecycle email delivery | Email address, message body, deliverability metadata | EU + US |
| Microsoft 365 (shared mailbox) | Inbound support email at support@calproof.co.uk | Inbound email content + metadata | EU |
| Sentry (Functional Software, Inc.) | Error monitoring + stack traces | Stack traces, request URL, user_id (if logged in) — no payload bodies | EU (de.sentry.io); US-headquartered entity, transfers under SCCs as fallback |
| Cloudflare Turnstile | Bot detection on signup | IP address, browser headers (transient) | Global edge (UK contracting entity: Cloudflare Limited) |
| Netlify | Static + serverless hosting + CDN | Request logs (IP, user-agent, URL — 7-day window) | US (CDN edge global) |
| GoatCounter (anonymous analytics) | Page-view counts | Anonymous, no cookies, no IP retention beyond 24h | EU |
| Upstash Redis | Rate limiting + token bucket | Hashed identifier (IP or user_id), counter | EU (Ireland) — eu-west-1 |
Note on US management-plane access. Several sub-processors above are operated by US-headquartered entities (Supabase, Upstash) whose engineers may exercise management-plane access to data resident in EU/UK regions for the purposes of operating, maintaining, and supporting the underlying infrastructure. Such transfers are governed by the EU Standard Contractual Clauses (2021, Module 2) and the UK International Data Transfer Addendum / IDTA in each provider's DPA. See our Data Processing Agreement Schedule 3 and Privacy Policy for full transfer-mechanism detail per sub-processor.
2. Sub-processor detail
2.1 Supabase
Supabase provides our managed Postgres database, authentication system, and certificate-PDF storage. Account data, calibration data, certificate PDFs, and the audit log live in Supabase. Our project runs in the eu-west-2 (London) region. Supabase is operated by Supabase Inc., a US-incorporated company; the underlying infrastructure for our project is AWS in the UK. Personal data is encrypted at rest and in transit. Supabase is contracted under a Data Processing Addendum with the UK GDPR-aligned standard contractual clauses where applicable.
2.2 Stripe Payments Europe
Stripe processes subscription payments, manages payment methods, and issues invoices. Stripe receives the billing email you provide, the country and address fields needed for tax, and the tokenised payment method; we never see or store full card details. Stripe Payments Europe Ltd is based in Ireland and operates within the EU for European customers. Stripe is owned by Stripe, Inc., headquartered in the United States.
2.3 Resend
Resend delivers transactional and lifecycle emails on our behalf, including welcome messages, payment receipts, password resets, and the day-23 cancellation reminder. Resend receives the recipient's email address, the rendered message body, and deliverability metadata such as bounce and complaint signals. Resend is operated by Plus Five Five, Inc. (registered office: 2261 Market Street #5039, San Francisco, CA 94114, United States); processing for our account uses EU infrastructure with US support operations. Transfers rely on the UK IDTA / UK Addendum to the EU SCCs in the Resend DPA.
2.4 Microsoft 365
We use a Microsoft 365 shared mailbox to receive inbound email at support@calproof.co.uk. Anything you send to that address arrives in Microsoft 365, where the small number of staff who handle support can read and reply. Microsoft 365 receives the inbound email content and metadata. The Microsoft 365 tenant is configured for EU residency. Microsoft Ireland Operations Limited is the contracting entity; Microsoft Corporation is the ultimate parent.
2.5 Sentry
Sentry captures application errors and forwards stack traces so we can investigate problems quickly. Sentry receives the stack trace, the URL of the failing request, and the user_id of the signed-in user if there is one. We do not forward request bodies, customer data, or certificate content to Sentry. Sentry events are retained for 90 days. Sentry is operated by Functional Software, Inc., headquartered in the United States; our project is configured on Sentry's EU region (de.sentry.io) so events are stored on EU infrastructure. Transfers rely on the standard contractual clauses approved by the UK Information Commissioner's Office as a fallback for any incidental US group-support processing.
2.6 Cloudflare Turnstile
Cloudflare Turnstile is the bot-detection challenge that protects the signup form from automated abuse. Turnstile briefly receives the visitor's IP address and standard browser headers when the challenge is solved. The data is transient and is not used to build a profile of the visitor. Turnstile is delivered through Cloudflare's global edge network; the visitor's nearest edge node handles the challenge. Cloudflare, Inc. is headquartered in the United States; Cloudflare Limited is the UK contracting entity. Transfers rely on the UK IDTA / UK Addendum in the Cloudflare customer DPA.
2.7 Netlify
Netlify hosts the static and serverless parts of CalProof and serves traffic through its global content-delivery network. Netlify receives standard web request logs — IP address, user agent, and URL — which it retains for a 7-day rolling window. CDN edge nodes outside the UK and EU may serve cached static assets; transfers rely on the standard contractual clauses. Netlify, Inc. is headquartered in the United States.
2.8 GoatCounter
GoatCounter measures aggregate page-view counts. It is configured in cookieless mode, does not retain IP addresses beyond 24 hours, and does not allow individual users to be re-identified across sessions. GoatCounter is operated by Martin Tournoij as a sole proprietorship in the Republic of Ireland; data is hosted in the EU.
2.9 Upstash Redis
Upstash provides the Redis instance behind our rate limiter. The rate limiter stores a counter keyed on a hashed identifier (your IP address or, when you are signed in, a hash of your user_id). No application data passes through Upstash. Upstash, Inc. is headquartered in the United States; our instance runs on EU infrastructure.
3. Notice of changes
The list above is current as of the "lastUpdated" date at the top of this page. We will give active customers at least 30 days' notice by email before:
- adding a new sub-processor that handles personal data;
- removing a sub-processor in a way that affects how your data is handled;
- changing the region in which an existing sub-processor handles your data.
Notices will be sent from a calproof.co.uk address and will be posted on this page on the same day. If you would like to be added to a separate notification list for sub-processor changes, please email privacy@calproof.co.uk.