Skip to content
— Legal

Sub-processors

The categories of third parties we rely on to operate our services. The full named list is available to clients on request under our Data Processing Agreement.

Effective 1 May 2026Last updated 22 June 2026

When we provide our services, some personal data is processed by third-party service providers ("sub-processors"). For transparency, we describe the categories of sub-processors we rely on below. The full list of named sub-processors — including the specific entities and their locations — is available to active clients on request under our Data Processing Agreement (DPA). We engage all sub-processors under agreements that require appropriate data protection safeguards.

Categories of sub-processors

We group the third parties that may process personal data on our behalf into the following categories. We disclose categories rather than named vendors here; active clients can request the full named list (see below).

CategoryPurposeTypical data location
Infrastructure & hostingHosting our website, application, and background servicesEU / USA
Database & analytics storageStoring transactional and analytical dataEU
AuthenticationAccount sign-in and user managementEU / USA
Email & notificationsTransactional and service email deliveryEU / USA
AI processingAI-assisted analysis and reportingEU / USA
Ad & ecommerce platform connectorsReading advertising and sales performance data via official platform APIsEU / USA
Analytics & monitoringWebsite analytics, error tracking, and application loggingEU / USA
PaymentsProcessing payments and billingEU / USA
CRM & business operationsManaging client relationships and internal operationsEU / USA

How we protect your data

We engage sub-processors under data processing agreements that require appropriate technical and organizational safeguards. Where data is transferred internationally, we rely on appropriate mechanisms such as standard contractual clauses (SCCs) or adequacy decisions.

AI providers we use do not train on data we send to their APIs, and we use enterprise-grade APIs with zero data-retention terms where available. Connected platform data is stored in our EU-based analytical and transactional databases, and transfers to or from platform APIs use HTTPS.

Requesting the full list

Active clients with an executed Data Processing Agreement can request the complete list of named sub-processors, including the specific entities, their processing purposes, and data locations. Contact us to request it.

Changes to this list

We update the categories and the underlying sub-processors as our infrastructure evolves. For material changes affecting active clients, we provide 30 days advance notice via email, as set out in the relevant Data Processing Agreement.

If you have concerns about how your data is processed, please contact us. Active clients with executed agreements have specific rights regarding sub-processor changes set out in those agreements.

Questions about this policy?

Email us at support@adsrunner.com and we'll respond within one business day.