子处理者
最后更新: 2026-04-27
根据 GDPR 第28条的子处理者最新清单。所有欧盟以外的传输均符合欧盟-美国数据隐私框架充分性决定和/或 SCC 2021/914。补充技术措施记录在我们的传输影响评估中,可应要求提供。
| 子处理者 | 职能 | 数据类别 | 位置 | 传输依据 |
|---|---|---|---|---|
| Vercel | Hosting + edge runtime | Request log, IP, user-agent | USA (edge global) | EU-US DPF + SCC |
| Neon | Database PostgreSQL gestito | Tutti i dati applicativi (PII + business) | EU (FRA-1) | 仅限欧盟 |
| Cloudflare R2 | Storage file ECU cifrati | Binari ECU cifrati (AEAD app-level) | EU (FRA) | EU-US DPF + SCC |
| Clerk | Autenticazione admin | userId, email admin, sessione | USA | EU-US DPF + SCC |
| PayPal (Orders v2) | Pagamenti one-shot ordini B2C | Nome, indirizzo billing, email, importo | USA + EU | EU-US DPF + SCC |
| PayPal (Subscriptions/Billing) | Sottoscrizioni B2B ricorrenti (subscribers) | Email subscriber, ragione sociale, indirizzo billing, importo, schedule ricorrenza | USA + EU | EU-US DPF + SCC |
| Resend | Email transazionali | Email destinatario, contenuto messaggio | EU (Irlanda) | 仅限欧盟 |
| Twilio | SMS / WhatsApp (opzionale) | Telefono, contenuto messaggio | USA + EU | EU-US DPF + SCC |
| Inngest | Job queue async | orderId, fileId, event payload (no PII) | USA | SCC 2021/914 模块 2 |
如有数据保护方面的疑问或行使您的 GDPR 权利(第15-22条),请发送电子邮件至 info.techmatik@gmail.com。