Sub-processors
Last updated: [EFFECTIVE DATE]
We use the following third-party processors to operate the Schreibly service. Each processor is contractually bound to confidentiality, security, and processing instructions consistent with our customer obligations under GDPR (or the equivalent UK/Swiss law).
| Processor | Purpose | Data categories | Location |
|---|---|---|---|
| Paddle.com Market Ltd. | Merchant of Record — payment processing, invoicing, VAT/sales tax. | Billing data, transaction metadata, contact email. | United Kingdom; affiliates in the EU and US. |
| [PRIMARY AI PROVIDER, e.g. OpenAI, L.L.C.] | Large language model API for text analysis. | Text submitted for checking; language and variant. | [US — SCCs in place] |
| [SECONDARY AI PROVIDER, e.g. Anthropic, PBC] | Alternate / fallback large language model API for text analysis. | Text submitted for checking; language and variant. | [US — SCCs in place] |
| [HOSTING PROVIDER] | Application and database hosting. | All data processed by the Service. | [REGION] |
| [EMAIL PROVIDER] | Transactional email (account, billing notifications). | Email address, message content. | [REGION] |
| [IDENTITY / AUTH PROVIDER] | Account authentication and identity management. | Email, authentication identifiers. | [REGION] |
| [ERROR / LOG PROVIDER, optional] | Application error and log aggregation. | Application logs, IP, error metadata. | [REGION] |
Future changes
Where customers are bound by our DPA, we will notify them of material changes to this list per the notice period in the signed DPA. For all users, we will reflect changes here and update the "Last updated" date.
Contact
Questions: support@codexo.dev.
See also: Data Processing Addendum and Privacy Policy.