Sub-processors & Third-Party Services
Last Updated: 13/05/2026
Our Commitment to Data Protection
AdminLanding is committed to protecting your data. This page lists all third-party sub-processors we use to deliver our service. Under GDPR Article 28, we ensure all sub-processors meet strict data protection standards and have appropriate Data Processing Agreements (DPAs) in place.
Infrastructure & Hosting
Google Cloud Platform / Firebase
Service Provider
Google LLC
Data Location
🇪🇺 EU Only (europe-west3, Frankfurt, Germany)
Purpose
Database, Authentication, Storage, Hosting
Data Processed
User profiles, documents, app data
Cloudflare
Service Provider
Cloudflare, Inc.
Data Location
🌍 EU / Global (EU data localization, SCCs)
Purpose
CDN, DDoS protection, WAF, performance optimization, security
Data Processed
Web traffic data, IP addresses, request metadata
DPA: Cloudflare DPA
Certification: ISO 27001, SOC 2, GDPR-compliant
Privacy Policy: Cloudflare Privacy Policy
AI & Machine Learning Providers
Mistral AI
Service Provider
Mistral AI (France)
Data Location
🇪🇺 EU Only (France)
Purpose
AI-powered form assistance, document generation
Data Processed
Anonymized context only (no PII)
⚠️ Privacy Notice: All personal data is redacted before sending to Mistral AI. Only anonymized context is processed.
Privacy Policy: Mistral AI Privacy
Payment Processing
Stripe
Service Provider
Stripe, Inc.
Data Location
🇪🇺 EU Only
Purpose
Subscription billing, payment processing
Data Processed
Payment info, billing address, transaction history
🔒 Security: Stripe is PCI DSS Level 1 certified. AdminLanding never stores your credit card details.
DPA: Stripe DPA
Privacy Policy: Stripe Privacy Policy
Electronic Signature
Openapi Srl / Universign (Signaturit Group)
Service Provider
Openapi Srl (Italy) — Trust Service Provider: Universign / Signaturit Group (France)
Data Location
🇪🇺 EU Only (Italy & France)
Purpose
eIDAS-compliant electronic signatures for rental contracts
Data Processed
Signer names, email addresses, PDF documents to be signed
Compliance: EU-SES level electronic signatures under eIDAS Regulation (EU) No 910/2014. Signer identity verified via OTP email authentication. Documents are cryptographically sealed.
DPA: Universign Legal Notice & DPA
Certification: eIDAS TSP, ETSI EN 319 401, EU-based
Privacy Policy: Universign Privacy Policy
Email & Communications
Brevo (formerly Sendinblue)
Service Provider
Brevo (France)
Data Location
🇪🇺 EU Only (France)
Purpose
Transactional emails (verification, password reset)
Data Processed
Email address, name, email content
Observability & Error Tracking
Sentry
Service Provider
Functional Software, Inc. (Sentry)
Data Location
🇪🇺 EU region (Germany)
Purpose
Error tracking, performance monitoring, debugging
Data Processed
Error stack traces, browser/device info, page URLs, IP address, masked session replays
🔒 Privacy Notice: Session replays mask all text input and block media. Noisy and development errors are filtered before transmission. Error reports may include technical context such as IP address and browser metadata.
DPA: Sentry DPA
Certification: ISO 27001, SOC 2 Type II
Privacy Policy: Sentry Privacy Policy
Changes to Sub-processors
We will notify users at least 30 days in advance before adding or replacing any sub-processor. If you object to a new sub-processor, you may terminate your account before the change takes effect.
Notification method: Email to registered address + notice in Settings
Contact
If you have questions about our sub-processors or data processing practices, please contact our Data Protection Officer:
Email: privacy@adminlanding.com
Response time: Within 48 hours for GDPR-related inquiries
Related Policies
Related policies: