Sub-Processor Policy
Last Updated: 17-4-2026
OmniForge uses a small number of trusted third-party service providers ("sub-processors") to host, operate, and support its platform. Each sub-processor only processes data necessary to deliver its service and operates under GDPR-compliant data processing terms as part of their standard agreements.
1. Current Sub-Processors
| Category | Provider | Purpose | Data Location |
|---|---|---|---|
| Cloud Infrastructure & Platform Hosting | Amazon Web Services (AWS) | Primary hosting, storage, networking, and operation of the OmniForge platform | Stockholm (EU-North-1) |
| Cloud Infrastructure & Platform Hosting | Cloudflare | DNS resolution, content delivery network (CDN), web application firewall, and edge security/performance services | Global (including EU and United States) |
| AI Processing | OpenAI | Large-language-model inference for agent reasoning and content generation | United States (Standard Contractual Clauses) |
Mistral AI | Large-language-model inference for agent reasoning and content generation | European Union | |
| Frontend Monitoring | Sentry (Cloud) | Application performance monitoring, diagnostics, and user feedback tooling for the web application | European Union |
| Email Delivery | Resend | Transactional and notification email delivery | European Union |
| Payment Processing | Stripe | Payment processing, invoicing support, limited billing/customer data handling, and fraud prevention | European Union / United States (Standard Contractual Clauses) |
| Business Communications | Google Workspace | Internal and external company communications | European Union / United States (Standard Contractual Clauses) |
| Website Analytics | Google Analytics (Google LLC) | Anonymized website usage analytics and performance measurement | European Union / United States (Standard Contractual Clauses) |
| Cookie Consent Management | Cookiebot (Usercentrics A/S) | Managing user cookie consent preferences and regulatory compliance | European Union |
2. Data Protection
All sub-processors are reviewed for security and privacy compliance before use. Data transmitted to these providers is encrypted in transit and, where applicable, minimized or anonymized. OmniForge remains the data controller and ensures all processing complies with the GDPR.
A detailed vendor list and data-flow description are available to customers upon request.
For more information, visit the Cloud Privacy section.
3. Updates to This List
We review and update our list of sub-processors whenever a new provider is engaged or an existing one is removed. Any changes will be published on this page.
For questions about sub-processors, contact: contact@omniforge.online
© 2026 OmniForge VOF. All rights reserved.