Subprocessors
Diflo uses the following third-party processors to operate the Service. The categories of personal data each processor sees are limited to the strict minimum needed for the named purpose.
| Processor | Purpose | Data categories | Region / transfers |
|---|---|---|---|
| Vercel Inc. (USA) | Web application hosting + CDN. | All Service data in transit; HTTP request metadata. | Edge cache global; origin in EU. SCCs (EU -> USA) for support access. |
| Neon Inc. (USA, EU region) | Managed PostgreSQL database. | All structured Service data. | EU (Frankfurt). Storage in EU; provider support governed by SCCs. |
| Stripe Payments Europe Ltd. (Ireland) + Stripe Inc. (USA) | Card payments, subscription billing, 3-D Secure. | Card metadata, billing email, invoice line items. | EU primary; global infrastructure. SCCs. |
| Resend, Inc. (USA) | Transactional email delivery. | Recipient email, message body, delivery telemetry. | USA. SCCs. |
| Upstash, Inc. (USA, EU region) | Redis-backed rate limiting, caching, idempotency keys. | IP, request keys, ephemeral cache entries. | EU (Frankfurt). SCCs. |
| Functional Software, Inc. (Sentry, USA) | Error tracking and opt-in session replay. | Error stack traces, browser metadata, user identifier (numeric). | USA. SCCs. PII masked by default. |
| Google LLC - Routes API | Route distance, duration, ETA computation. | Pickup / dropoff coordinates, addresses sent at request time. | Global Google infrastructure. SCCs. |
| AeroDataBox (RapidAPI) | Flight schedule and arrival lookups. | Flight number, date sent at request time. | EEA. |
| Booking.com B.V. (Netherlands) | Inbound job ingestion when the customer enables the integration. | Reservation payloads (passenger name, contact, itinerary). | EEA. |
| European Commission - VIES | EU VAT number validation. | VAT number sent at request time. | EU. |
| Infisical, Inc. (USA, EU region) | Secrets management. | Configuration secrets only - no Customer data. | EU. SCCs. |
Right to object
Customers may object to the addition of a new subprocessor on reasonable data-protection grounds, in writing, within 30 days of the change being published here. We will work in good faith to resolve the objection or, if we cannot, the Customer may terminate the affected portion of the Service.