Sub-processors
We use the service providers (“processors”) below to operate Forkin. All are bound by Data Processing Agreements under Article 28 GDPR. International transfers outside the European Economic Area, United Kingdom, Switzerland, Quebec, Australia, New Zealand, Brazil, Mexico, Japan, South Korea, Singapore, Hong Kong, Taiwan, Israel, Chile, Colombia, Argentina, Peru, or South Africa rely on the safeguards listed, together with the transfer and privacy-impact assessments we keep internally where required. This page is the canonical, up-to-date list referenced by our Privacy Policy. Material changes are announced in-app at least 14 days before they take effect.
| Processor | Location | Role | Categories of data | Safeguard |
|---|---|---|---|---|
| Hetzner Online GmbH | Germany / Finland (EEA) | Application hosting, PostgreSQL database, and S3-compatible object storage (Nuremberg) for uploaded photos (product, meal, price tags, receipts, body-progress) | All collected, including photos | EEA |
| Bunny.net (BunnyWay d.o.o.) | Slovenia (EEA), EU-only routing | CDN / edge / WAF | Request metadata, asset delivery | EEA |
| Scaleway SAS | France (Paris) + Poland (Warsaw) | Generative AI (vision/text models) for photo & text analysis and content moderation; transactional email; Key Manager (KMS) for body-photo encryption | Photos, text content, email address, encryption keys | EEA |
| NexGen Cloud Ltd (Hyperstack) | Iceland (EEA) | GPU inference (image embeddings, voice transcription, text-to-speech) | Photos, audio | EEA |
| DataCrunch Oy (Verda) | Finland (EEA) | On-demand GPU for nightly product-catalogue AI batch | Product-catalogue photos (not account data) | EEA |
| Brevo (Sendinblue SAS) | France (EEA) | Marketing email (newsletter, impact digest) | Email address | EEA |
| Soverin B.V. | Netherlands (EEA) | Inbound email hosting | Email content you send us | EEA |
| Stripe Payments Europe Ltd. | Ireland (EEA), with US group transfers | Web subscription payments (Merchant of Record, via RevenueCat Billing) | Billing data | EEA + EU–US DPF / SCCs for any US transfer |
| RevenueCat, Inc. | USA | Subscription state & entitlements (web + mobile) | Subscription metadata, pseudonymous user ID | EU–US DPF + SCCs |
| Apple Inc. | USA | iOS distribution, in-app purchases, Sign in with Apple, push (APNs) | Identifiers, transaction data | EU–US DPF + Apple DPA |
| Google LLC | USA | Android distribution, in-app purchases, OAuth, push (FCM) | Identifiers, transaction data | EU–US DPF + Google DPA |
| Functional Software, Inc. (Sentry) | EU ingest (Germany) / US support | Crash reports | Stack traces, device model | EU–US DPF + SCCs |
| PostHog, Inc. | EU (eu.i.posthog.com) | Product analytics (consent-gated) | Event metadata only | EEA |
| Termly, Inc. | USA | Cookie consent banner + policy hosting | IP, consent state | EU–US DPF |
| Expo (650 Industries, Inc.) | USA | Push token relay (APNs/FCM bridge) | Device push token | EU–US DPF |
Apple HealthKit and Google Health Connect are not sub-processors: when you enable health sync, nutrition and body-weight data is exchanged on your device with the platform’s health store under Apple’s or Google’s own terms; we do not receive a copy through them.