Sub-processors

To deliver the PostStack service, MICCI engages the following third parties as sub-processors under GDPR Article 28. This list is authoritative and is updated whenever the set of sub-processors changes. Existing customers are notified at least 30 days before any new sub-processor begins processing personal data.

Hetzner Online GmbH

Germany (EU)

Primary infrastructure provider. Hosts all application servers, databases, and customer data.

View DPA / Privacy Policy →

Stripe Payments Europe, Ltd.

Ireland (EU)

Payment processing for paid plans. Receives billing contact details, invoice amounts, and payment method metadata.

View DPA / Privacy Policy →

Cloudflare, Inc.

United States

DNS, DDoS protection, and CDN for static assets. Processes request metadata (IP, user agent, URL) at the edge.

Transfer mechanism: Standard Contractual Clauses + EU-US Data Privacy Framework

View DPA / Privacy Policy →

GitHub, Inc.

United States

Optional OAuth sign-in provider. Only invoked when a user chooses "Sign in with GitHub" — we receive profile name, email, and avatar.

Transfer mechanism: Standard Contractual Clauses + EU-US Data Privacy Framework

View DPA / Privacy Policy →

Change log

  • 2026-04-07Initial published list: Hetzner, Stripe, Cloudflare, GitHub.

Questions about this list? Contact privacy@poststack.dev. See also our Privacy Policy and Terms of Service.