FlowSentricSubprocessors
Last updated: 16 June 2026
A subprocessor is a third party FlowSentric engages to process personal data on your behalf. We use a small, deliberately limited set. Every subprocessor is bound by a data processing agreement with equivalent data-protection obligations, and — where data is processed outside the EU/EEA — by EU Standard Contractual Clauses (SCC) or an adequacy decision.
Infrastructure subprocessors
| Subprocessor | Purpose | Location | Safeguard |
|---|---|---|---|
| Hosting / infrastructure provider | Application & database hosting | EU | EU hosting |
| Stripe | Payment processing (PCI-DSS) | EU / USA | SCC |
| Microsoft 365 | Transactional & contact-enquiry email | EU | EU hosting |
AI model subprocessors (customer-selected)
These process only the prompts and content you choose to send to them. Our PII-masking layer can remove sensitive data before it leaves FlowSentric, and you can pin requests to EU regions. If you use only EU-hosted or local models, no third-country transfer occurs.
| Subprocessor | Purpose | Location | Safeguard |
|---|---|---|---|
| OpenAI | AI model inference (only if selected) | EU / USA | SCC |
| Anthropic | AI model inference (only if selected) | EU / USA | SCC |
| Google (Gemini) | AI model inference (only if selected) | EU / USA | SCC |
| Other model providers you enable | AI model inference (only if selected) | Per provider | SCC / adequacy / EU region |
Changes & objections
We notify business customers of intended changes to this list at least 14 days in advance via email or in-app notice. You may object on important data-protection grounds. To be notified of changes, or to raise an objection, email hello@flowsentric.com.
See also our Data Processing Agreement, Security overview and Privacy Policy.