Sub-processors
Vakteye uses a small set of vetted sub-processors to deliver scanning, hosting, authentication, file storage and email. Each one is bound by a Data Processing Agreement under Article 28 GDPR and processes scan-result personal data only within the European Union, with two narrow exceptions noted in the table — cross-region AI inference capacity under a Commission adequacy decision, and a globally distributed DNS / bot-protection anycast network.
Public disclosure below is by function and region only. The named entity list is available to Controllers on written request to legal@vakteye.com after NDA verification. This pattern gives the regulator-required information to the data controller without publishing competitor-useful architecture detail on the open web.
Functions and regions
| Function | Region | Role |
|---|---|---|
| Primary database, authentication, file storage | EU | Processor |
| Frontend hosting and edge delivery | EU (regional edge nodes) | Processor |
| Background scanner workers | EU (regional infrastructure) | Processor |
| Background scanning task orchestration | EU | Processor |
| Transactional email delivery | EU (Ireland) | Processor |
| Customer-facing AI chat assistant | EU only | Processor |
| Domain resolution and bot-challenge tokens | Global anycast network | Processor |
| Server-side error and exception monitoring | EU | Processor |
| Rate-limit and abuse-protection cache | EU | Processor |
Request the named list
Existing customers and prospects under NDA can request the named sub-processor list by writing to legal@vakteye.com.