This page lists third parties ("Subprocessors") used by ASTIS to process personal data on behalf of Customers in connection with the Services. For Business/Enterprise customers, this list is incorporated by reference into the ASTIS DPA.
Hosting model: ASTIS operates on dedicated servers (not public cloud hosting).
1. ASTIS Subprocessors
Cloudflare
- Purpose: CDN/edge delivery, WAF/security, DNS (as applicable), optional cookieless web analytics
- Data: IP address and request metadata (as necessary for edge delivery and security), website analytics (if enabled)
- Location: Global (per provider configuration and Cloudflare terms)
Stripe
- Purpose: Payments and billing
- Data: Billing identifiers and payment-related metadata (ASTIS does not store full card details)
- Location: As defined by Stripe terms and your billing region
Resend
- Purpose: Transactional email delivery for authentication (OTP / sign-in codes / verification links)
- Data: Recipient email address, message content needed to deliver OTP/code/link, delivery metadata (timestamps/status)
- Location: As defined by Resend terms and DPA
2. Customer-Controlled Third-Party Services
Integrations — Not ASTIS Subprocessors
Customers may connect third-party email providers such as Google Workspace/Gmail or Microsoft 365. These providers are selected and controlled by the Customer under Customer's agreement with the provider. ASTIS integrates via APIs only with user authorization (e.g., OAuth). These are not ASTIS Subprocessors.
3. Updates and Notifications
ASTIS will provide notice of material changes to this list via email or dashboard. Customers may object as described in the DPA.
4. Contact
ASTIS LLC
Email: [email protected]