Subprocessors - DRAFT pending counsel review 2026-05-25
This page lists the third-party services YRQR expects to use for launch. It is provided for transparency and remains subject to final DPA, SCC, and counsel review before commercial launch.
Purpose: Public ingress, DNS, edge security, Turnstile, and optional Zero Trust Access.
Data: IP address, request metadata, security events, and challenge telemetry.
Location: Global processing with UK/EU safeguards under Cloudflare terms.
Status: DPA/SCC review required before commercial launch.
Purpose: Transactional email for magic links, invites, and campaign/operator notifications.
Data: Email address, message metadata, delivery events, and limited message content.
Location: Provider-hosted email infrastructure; transfer safeguards to be confirmed.
Status: Domain and DPA review required before commercial launch.
Purpose: Payments, checkout, tax/payment records, and webhook events where enabled.
Data: Billing details, payment metadata, webhook payloads, and fraud signals.
Location: Stripe international processing under Stripe DPA and transfer safeguards.
Status: Use Stripe test mode until commercial terms are final.
Purpose: Sticker, print, and merchandise fulfilment where a campaign includes physical goods.
Data: Order metadata, shipping contact, delivery address, SKU, and fulfilment status.
Location: Fulfilment network depends on destination and product.
Status: Sandbox for staging; live DPA/terms review required before live fulfilment.
Purpose: Error monitoring, release diagnostics, and performance tracing.
Data: Error metadata, request IDs, stack traces, browser/device context, and scrubbed user context.
Location: Sentry-hosted telemetry; transfer safeguards to be confirmed.
Status: Configured with secret scrubbing; DPA review required.
Purpose: Optional product analytics and usage telemetry after cookie/analytics consent.
Data: Pseudonymous event metadata, page/activity events, and device context.
Location: PostHog cloud region selected during setup.
Status: Blocked until consent; DPA review required.
Purpose: Encrypted offsite backup storage for Postgres, local Supabase Storage, and config backups.
Data: Encrypted backup archives and restic metadata.
Location: Backblaze data centre region selected during bucket setup.
Status: Access key and DPA review required before launch.
Purpose: External uptime monitoring, alerting, and synthetic capture checks.
Data: Monitor results, incident metadata, alert contacts, and public endpoint responses.
Location: Better Stack-hosted monitoring infrastructure.
Status: Notification channels and DPA review required before launch.
Purpose: Public status page and incident communication at status.yrqr.io.
Data: Incident updates, component status, subscriber contact details if enabled.
Location: Instatus-hosted status page infrastructure.
Status: Workspace and DPA review required before launch.
YRQR will keep this list current before a campaign goes live. Material subprocessor changes should be recorded in customer onboarding material and, where required, notified under the relevant Data Processing Agreement.
Read the privacy approach