Sub-processors
Last updated: May 16, 2026
About this page
We publish the full list of third parties that process personal data on our behalf so you can see exactly who touches your data and why. Each sub-processor is bound by a written data-processing agreement and may only act on our instructions.
We will notify business customers of any new or replacement sub-processor at least 30 days before the change takes effect (or sooner where the change is required by law or to address a security incident), giving you an opportunity to object as set out in our DPA.
Current sub-processors
Amazon Web Services (AWS) — Rekognition
USAPurpose: Stores face templates and performs biometric matching for identity continuity. Also provides liveness detection during identity creation, recovery, and renewal flows.
Data categories: Face templates (derived mathematical representation, not raw images); transient liveness frames during a session
Region: United States (us-east-1). EU collection (eu-west-1) planned for EU market launch.
Transfer mechanism: EU SCCs + UK IDTA where applicable
Documentation: https://aws.amazon.com/compliance/data-privacy/
Amazon Web Services (AWS) — General infrastructure
USAPurpose: Underlying cloud infrastructure for ancillary services (object storage, monitoring) where used.
Data categories: Operational logs, monitoring metadata
Region: United States (us-east-1)
Transfer mechanism: EU SCCs + UK IDTA where applicable
Documentation: https://aws.amazon.com/compliance/data-privacy/
Didit
Spain (EU)Purpose: KYC verification: document scanning (OCR + MRZ parsing) and liveness detection during opt-in identity verification flows.
Data categories: Document images, document fields (name, DOB, document number, expiration), captured selfie used for liveness
Region: Spain / EU. Documents and liveness frames remain in Didit's environment; UIP receives a normalized verification result only.
Transfer mechanism: Direct EU processing; SCCs where data crosses into the US for service delivery
Documentation: https://didit.me/privacy
Supabase
USA (corporate); region per deploymentPurpose: Primary database, authentication storage, and account records.
Data categories: Account data, identity cache, audit records, business records, encrypted message metadata
Region: Region selected per UIP deployment (currently US; EU available for EU expansion)
Transfer mechanism: EU SCCs + UK IDTA
Documentation: https://supabase.com/privacy
Railway
USAPurpose: Hosting for UIP API services.
Data categories: Server runtime data and operational logs
Region: United States
Transfer mechanism: EU SCCs + UK IDTA
Documentation: https://railway.com/legal/privacy
Apple (APNs)
USAPurpose: Delivery of push notifications to iOS devices.
Data categories: Push notification tokens (device identifier scoped to UIP), notification payloads (transient)
Region: Apple global infrastructure
Transfer mechanism: EU SCCs
Documentation: https://www.apple.com/legal/privacy/data/en/apple-services/
Resend
USAPurpose: Transactional email delivery (account-related, security, legal notices).
Data categories: Recipient email address, email subject and body
Region: United States
Transfer mechanism: EU SCCs
Documentation: https://resend.com/legal/privacy-policy
Sub-processors of sub-processors
Each of our sub-processors maintains its own list of sub-processors (for example, Didit may rely on additional vendors for document forensics or telecommunications). Those lists are available on the respective sub-processor's documentation page linked above.
Questions or objections
Email [email protected] with questions about a specific sub-processor or to object to a planned change as set out in our DPA.