Sub-processor List - ruledoc.io
Status: DRAFT (non-lawyer prepared). Update before publishing.
Effective date: [REVIEW: set effective date on publish]
Last updated: 2026-05-10
Version: 1.0-draft
Purpose
ruledoc.io is operated by RFPvault (postal address pending PostNord boxadress registration, Stockholm, Sweden; contact privacy@ruledoc.io).
This page lists the third-party Sub-processors that ruledoc.io engages to help deliver the Service. It is published in accordance with Article 28(2) GDPR and our Data Processing Agreement (section 11). This list is updated when Sub-processors are added, replaced, or removed.
If you are a customer and would like to receive an email notification when this list changes, email privacy@ruledoc.io with the subject line "subscribe sub-processor changes".
Any change is announced at least 30 days before the new Sub-processor begins processing customer Personal Data, except in cases of urgent security or service-continuity changes (in which case the change will be notified as soon as reasonably possible).
Active Sub-processors
| # | Sub-processor | Legal entity | Role / processing activity | Categories of personal data | Location | Transfer mechanism | Privacy/security info |
|---|---|---|---|---|---|---|---|
| 1 | Hetzner | Hetzner Online GmbH (Industriestr. 25, 91710 Gunzenhausen, Germany) | Cloud hosting - compute, storage, database, backups | Account data; parsed configuration data; service logs; PDF reports | Germany (EU) | Within EEA - no Art. 46 mechanism required | https://www.hetzner.com/legal/privacy-policy ; ISO 27001 certified |
| 2 | Anthropic | Anthropic, PBC (548 Market St., PMB 90375, San Francisco, CA 94104, USA) | LLM service for generating natural-language descriptions of parsed firewall rules | Parsed UIF rule JSON (rule structure: vendor, action, source/destination zones, services). NOT raw configuration text. NOT secrets unless inadvertently included in a comment by Customer. | United States | Standard Contractual Clauses under Art. 46(2)(c) - Module Two (Controller-to-Processor), per Commission Implementing Decision (EU) 2021/914. Supplementary technical measure: data minimisation (parsed JSON only, no raw text, no secrets). | https://www.anthropic.com/legal/privacy ; https://trust.anthropic.com/ |
Notes on transmission to Anthropic
When the Service generates rule-description text for compliance reports, it sends to Anthropic only the parsed structured representation of a rule (vendor name, parsed action, source/destination zone, service list, schedule), not the raw configuration text. Customer Personal Data sent to Anthropic in the course of normal Service use is therefore typically limited to rule-internal usernames where the rule is source-user-based and the Customer has chosen to upload a configuration containing source-user rules.
Anthropic's published policy at the time of this DPA's effective date provides that customer prompts and outputs are not used to train Anthropic's models by default for API consumers under their commercial terms. Customers should refer to Anthropic's current privacy notice for the most up-to-date position.
Planned Sub-processors (not yet active)
The following Sub-processors are anticipated but not yet integrated. They will be added to the active list, with 30 days' notice, when integrated.
| Sub-processor | Anticipated role | Status |
|---|---|---|
| [ADD WHEN INTEGRATED] Stripe Payments Europe, Ltd. or Stripe, Inc. | Payment processing for paid tiers | [CONFIRM USED YES/NO] - pending |
| [ADD WHEN INTEGRATED] Transactional-email provider (e.g., Postmark, SES, Resend) | Sending transactional Service emails (password reset, billing notifications) | [CONFIRM USED YES/NO] - pending |
Internal infrastructure not constituting Sub-processing
The following are not Sub-processors as defined in Article 28 GDPR but are listed for transparency:
- Domain registration: [REVIEW: registrar - likely Loopia, Glesys, or similar Swedish registrar] - does not access Personal Data.
- DNS provider: Hetzner DNS (in scope under Hetzner row above) or [REVIEW: confirm if separate DNS provider is used].
How to receive notifications of changes
To receive notifications of changes to this list:
- Email privacy@ruledoc.io with subject line "subscribe sub-processor changes".
- We will add your email to the notification distribution list.
- To unsubscribe at any time, reply with "unsubscribe".
A copy of any change is also posted on this page with the change date.
How to object to a new Sub-processor
If you have reasonable data-protection grounds to object to a new Sub-processor, you may do so within 14 days of notification by emailing privacy@ruledoc.io. The objection process is set out in section 11.3 of the DPA.
[REVIEW] Items requiring your attention before publication:
- [REVIEW] Confirm Stripe entity (Stripe Payments Europe Ltd. for EEA-billed customers; Stripe, Inc. for US-billed) once you select the integration
- [REVIEW] Confirm transactional email provider once selected
- [REVIEW] Confirm domain registrar / DNS provider listing
- [REVIEW] Effective date
- [REVIEW] If you add a CDN (Cloudflare, etc.) before launch, add it here
- [REVIEW] If you add error-tracking (Sentry, etc.) or session-replay tools, add them here - these typically process IP addresses
DRAFT NOTICE. This is a defensible non-lawyer draft. Before launch, review the Active Sub-processors table line-by-line and confirm each entry matches what is actually configured in production. Sub-processors not listed here will create a GDPR Art. 28(2) gap if they begin processing.