This page lists third-party providers that Zorix, LLC, doing business as Scravio ("Scravio," "we," "us," or "our"), uses to provide, operate, secure, support, bill, and improve the Scravio Service.
This page is incorporated by reference into the Data Processing Addendum where applicable.
1. Scope
A Subprocessor is a third party that processes Customer Personal Data on behalf of Scravio in connection with the Service.
Some providers listed below may process account, billing, support, or payment data rather than Customer Personal Data. Some payment providers or merchants of record may act as independent controllers for payment transactions. Their exact role may depend on the checkout flow and provider terms.
2. Customer Content subprocessors
The following providers may process Customer Personal Data contained in Customer Content, task inputs, Outputs, logs, or workspace data.
| Provider | Purpose | Data categories | Processing location | Role |
|---|---|---|---|---|
| TO BE CONFIRMED: cloud hosting provider | Hosting, compute, networking, infrastructure, Service delivery | Customer Content, task metadata, logs, account identifiers | TO BE CONFIRMED | Subprocessor |
| TO BE CONFIRMED: database/storage provider | Database, file storage, backups, workspace data storage | Customer Content, Outputs, files, exports, task records | TO BE CONFIRMED | Subprocessor |
| TO BE CONFIRMED: logging/monitoring provider | Error tracking, infrastructure monitoring, performance logs, operational diagnostics | Logs, device data, IP addresses, task metadata, limited Customer Content where included in logs | TO BE CONFIRMED | Subprocessor |
| TO BE CONFIRMED: transactional email provider | Account emails, service notices, security notices, support communications | Email address, name, account identifiers, message metadata | TO BE CONFIRMED | Subprocessor / service provider |
| TO BE CONFIRMED: support provider | Customer support, tickets, screenshots, attachments, support communications | Account data, support content, screenshots, logs, Customer Content if provided in tickets | TO BE CONFIRMED | Subprocessor / service provider |
| TO BE CONFIRMED: analytics provider | Product analytics used to operate and improve the Service | Usage data, device data, account identifiers, event data | TO BE CONFIRMED | Service provider / subprocessor if Customer Personal Data is processed |
| TO BE CONFIRMED: security/fraud provider | Abuse prevention, fraud detection, sanctions screening, security monitoring | Account data, IP addresses, device data, transaction metadata, security logs | TO BE CONFIRMED | Service provider / subprocessor where applicable |
3. Payment, billing, and merchant-of-record providers
The following providers may process account, billing, subscription, transaction, and payment data. They generally do not need Customer Content to provide payment services.
| Provider | Purpose | Data categories | Processing location | Role |
|---|---|---|---|---|
| Stripe | Payment processing, subscriptions, invoices, payment authentication, fraud prevention | Billing name, email, company, address, payment metadata, transaction records, tax metadata | United States and other locations described by Stripe | Payment processor / service provider / independent controller depending on context |
| Paddle | Merchant of record, checkout, payment processing, tax/VAT, invoices, refunds, chargebacks, buyer support | Billing name, email, company, address, payment metadata, transaction records, tax metadata, refund data | United Kingdom, United States, EEA, and other locations described by Paddle | Merchant of record / independent controller / processor depending on context |
4. Updates and notices
We may add, remove, or replace providers as our Service and vendor stack evolve.
Where required by the Data Processing Addendum or applicable law, we will provide notice of material Subprocessor changes and allow customers to object on reasonable data protection grounds within the period described in the DPA.
5. Subprocessor standards
For providers that process Customer Personal Data as Subprocessors, Scravio uses reasonable diligence and requires written obligations that are designed to protect Customer Personal Data, including confidentiality, security, and processing restrictions appropriate to the provider's services.
6. Contact
Questions about subprocessors may be sent to:
Email: [email protected]
Company: Zorix, LLC, doing business as Scravio
Address: 1111B S Governors Ave STE 40623, Dover, DE 19904, United States
Phone: +13024402968