Subprocessors

Our list of subprocessors

Latest update: October 1, 2025

To support the provision of our services, Simora Technologies GmbH (“ScanDog”) may engage and use data processors (“subprocessors”) to access certain personal data. This page provides important information about the identity, location, and role of each subprocessor we use.

Hosting infrastructure subprocessors

During the provision of the ScanDog service, ScanDog processes personal data on behalf of the respective customer. In doing so, ScanDog uses the following subprocessors, in particular to store/host/collect personal data or provide other infrastructures.

  • Google Cloud EMEA Limited
    Gordon House, Barrow Street, Dublin 4, Ireland
    Contract: Hosting of application backend, databases, and storage on Google Cloud Platform (EU region). Personal data processed includes customer account information, uploaded scan files, and platform usage data. Data may be transferred to the USA under the EU–US Data Privacy Framework or SCCs.

  • Cloudflare, Inc.
    101 Townsend St, San Francisco, CA 94107, USA
    Contract: Provision of CDN, DDoS protection, and edge security services for scandog.app. Personal data processed includes IP addresses, DNS queries, and HTTP request metadata. Transfers covered by EU–US Data Privacy Framework.

Service-specific subprocessors

ScanDog works with third-party providers to provide certain functions or features within the ScanDog service. These providers have access to relevant personal information (in both identifiable and anonymous form) to provide their respective functions. Use of the information is limited to the purposes listed below.

  • Google Ireland Limited (Google Workspace)
    Gordon House, Barrow Street, Dublin 4, Ireland
    Contract: Email services for company communications and delivery of application-related emails (e.g., account activation, password reset, notifications). Personal data processed includes sender/recipient email addresses and message content. Transfers covered by EU–US Data Privacy Framework.

  • Sentry (Functional Software, Inc.)
    45 Fremont Street, 8th Floor, San Francisco, CA 94105, USA
    Contract: Application monitoring, error tracking, and performance analytics. Personal data processed includes pseudonymized event data, IP address, and device/browser information. Transfers covered by SCCs and EU–US Data Privacy Framework.

  • PostHog, Inc.
    2261 Market Street #4008, San Francisco, CA 94114, USA (HQ in UK)
    Contract: Product analytics for user behavior and feature performance. Personal data processed includes pseudonymized usage events, session data, and aggregated metrics. Transfers covered by SCCs.

  • Linear, Inc.
    261 Market Street, Suite 4242, San Francisco, CA 94114, United States
    Contract: Internal issue tracking and ticket management. Personal data processed includes employee and user identifiers for bug reports, task assignments, and internal project management.

  • Notion Labs, Inc.
    55 Almaden Blvd, Suite 600, San Jose, CA 95113, USA
    Contract: Internal documentation and knowledge management. Personal data processed includes employee names, email addresses, and any user-related information documented internally for support or operational purposes.

Shrink your AppSec debt by 95% in less than 2h