Sub-processors
Last updated: [EFFECTIVE DATE]
Template — review before publishing. This list reflects the services Lapseguard integrates with in code. Confirm each vendor, its processing location, and your contractual basis before publishing. It is not legal advice.
Lapseguard uses the third-party providers below to deliver the Service. We share only the data needed for each provider's function. Notification providers receive data only when your organisation configures that channel and an alert is sent. This page is referenced by our Privacy Policy.
Infrastructure
| Provider | Purpose | Data processed |
|---|---|---|
| Netlify | Application hosting and serverless functions | All requests to the Service; data in transit |
| Neon | Managed PostgreSQL database | Account data, monitoring configuration, escalation contacts, certificate observations, and incidents |
Notifications (used only when you configure them)
| Provider | Purpose | Data processed |
|---|---|---|
| Slack | Incident alerts and acknowledgement actions | Incident details and the Slack channel/user you configure |
| Postmark | Transactional and alert emails | Recipient email address and message content |
| Twilio | SMS alerts | Recipient phone number and message content |
| PagerDuty | On-call escalation | Incident summary and the routing key you configure |
Public data sources
| Provider | Purpose | Data processed |
|---|---|---|
| crt.sh (Certificate Transparency) | Detecting newly issued certificates | The domain names you monitor are sent as public log queries; no account or personal data is shared |
Changes
We may update this list as our providers change. Where required, we will give notice of new sub-processors before they begin processing. To be notified of changes, contact [CONTACT EMAIL].