Current Sub-processors
SuperSend utilizes a limited number of trusted third-party service providers ("Sub-processors") to deliver our platform and services. Each sub-processor has a Data Processing Agreement (DPA) with SuperSend, including Standard Contractual Clauses (SCCs) and GDPR-compliant safeguards.
Current Sub-processors
| Vendor | Purpose of Processing | Region / Location | Data Processed | Certifications / Safeguards |
|---|---|---|---|---|
Google Cloud Platform (GCP) | Cloud hosting and infrastructure services | United States / global (region varies by deployment) | Customer personal data processed to provide the platform | ISO 27001SOC 2GDPR DPA |
Wasabi Technologies | Cloud storage services | United States / global (region varies by deployment) | Customer personal data processed to provide the platform | ISO 27001SOC 2GDPR DPA |
Cloudflare | Network and security services | Global (region varies by deployment) | Transient technical data (e.g. IP addresses, request metadata) | ISO 27001SOC 2GDPR DPA |
DigitalOcean | Cloud compute and hosting services | United States / global (region varies by deployment) | Customer personal data processed to provide the platform | ISO 27001SOC 2GDPR DPA |
UpCloud | Cloud compute and hosting services | United States / global (region varies by deployment) | Customer personal data processed to provide the platform | ISO 27001GDPR DPA |
OVHcloud | Cloud compute and hosting services | United States / global (region varies by deployment) | Customer personal data processed to provide the platform | ISO 27001SOC 2GDPR DPA |
SendGrid (Twilio) | Transactional email services | United States / global (region varies by deployment) | Account and notification data | ISO 27001SOC 2GDPR DPA |
Stripe | Payment processing and subscription billing | United States / EEA | Billing information, payment details | PCI DSS Level 1GDPR DPA |
OpenAI | Optional AI features (when enabled by the user) | United States | User-provided content submitted to AI features | GDPR DPASCCs |
Google (Gemini API) | Optional AI features (when enabled by the user) | United States / global (region varies by deployment) | User-provided content submitted to AI features | GDPR DPASCCs |
Sub-processor Updates
SuperSend reviews its sub-processors periodically and updates this register when a new vendor is engaged or an existing one is replaced. Customers are notified of changes at least 30 days prior to the engagement of a new sub-processor, in accordance with applicable data protection agreements.
This page lists our primary infrastructure and platform sub-processors. Customers with a signed Data Processing Agreement may request the complete sub-processor annex, including any vendors engaged for specific product capabilities, by contacting dpo@supersend.io.
Questions About Our Sub-processors?
For additional information, please contact our Data Protection Officer at dpo@supersend.io.
Cold email that lands. At any volume.
Dedicated servers, senders, warmup, and monitoring, all managed by SuperSend so the volume actually delivers.
Sending millions of cold emails a month for our customers