What is a subprocessor?

A third party that processes personal data on your behalf — like AWS, Stripe, SendGrid, or any SaaS handling customer data.

Do I have to notify customers of changes?

GDPR requires it for EU customers. Most enterprise customers expect it regardless of jurisdiction.

Products/Governance/Subprocessor Roll

Governance

Subprocessor Roll

Manage subprocessor disclosures for customers

Maintain your list of subprocessors (companies that handle customer data on your behalf), publish updates, manage opt-out workflows, and email customers about additions or changes. Required by GDPR, helpful for SOC 2.

Launch Demo From $19/month

Key Features

Subprocessor inventory

Public disclosure page

Change notification workflow

Customer opt-out tracking

GDPR-aligned templates

Audit log of changes

Benefits

Meet GDPR Article 28 subprocessor obligations

Build customer trust through transparency

Automate subprocessor change communications

Use Cases

GDPR subprocessor management

SOC 2 third-party risk evidence

Customer transparency programs

Subprocessor Roll

Key Features

Benefits

Use Cases

Frequently Asked Questions

Related Products

Diligence Desk

Incident60

PolicyStack SMB