Sub-processors
SikkerKey engages the following third parties to provide the Service. Our infrastructure and edge providers act as processors on our behalf, under data processing agreements that meet the requirements of Article 28 of the GDPR. Our payment processor acts as an independent controller for the billing data it handles, governed by its own data processing terms and privacy policy. This register is updated when these providers change; material changes are communicated at least 30 days in advance.
Sub-processor register
| Provider | Role | Purpose | Data processed | Location | Transfer mechanism |
|---|---|---|---|---|---|
Hetzner Online GmbHwww.hetzner.com | Processor | Production infrastructure hosting (application servers, databases, file storage) | Production application data, including encrypted secrets, account data, audit logs, and session data. Database backups are stored on SikkerKey-operated infrastructure (see below). | Germany · EU Germany (EU) | Not applicable (data remains in the EU) |
Cloudflare, Inc.www.cloudflare.com | Processor | DNS, DDoS protection, CDN, and TLS termination | IP addresses, HTTP request metadata (headers, paths, methods), and TLS connection data in transit | Global edge Global edge network. TLS termination occurs at the Cloudflare POP nearest the connecting client, which may be located outside the EU. | Standard Contractual Clauses + EU-U.S. Data Privacy Framework |
Stripe, Inc.stripe.com | Independent controller | Payment processing, subscription billing, and invoice management | Email address, Stripe customer ID, and subscription metadata. Payment card details, billing addresses, and invoices are managed exclusively by Stripe and are never stored on SikkerKey systems. | United States United States (EU-U.S. Data Privacy Framework) | Standard Contractual Clauses + EU-U.S. Data Privacy Framework |
Providers marked Processor handle data on SikkerKey's behalf under a data processing agreement. Stripe acts as an independent controllerfor the billing data it processes — payments, fraud prevention, and regulatory compliance — determining its own purposes and means under its own terms.
Self-operated infrastructure
In addition to the third-party sub-processors above, SikkerKey operates the following infrastructure directly. No third party processes data on our behalf at this location.
- Backup server. Encrypted backups are kept on a server SikkerKey owns and runs directly, in Denmark (EU). It is kept separate from any hosting provider, and no sub-processor can reach it. The backups use the same encryption as live data, so the media on its own can't be read.
Data not shared with sub-processors
The data most worth protecting never reaches a sub-processor at all.
- Your secrets. Where your secrets are stored, they sit encrypted, and the keys that unlock them are kept apart from the stored data and never handed to a provider. A provider that can see the stored data still can't read what's inside.
- Your machine keys. Each machine's Ed25519 private key is created on that machine and never leaves it. SikkerKey only receives the public half, which can't be used to act as your machine.
- Your IP addresses. When SikkerKey checks where a request came from, the lookup runs on our own servers. Your IP addresses are never sent to an outside location service.