Appendix B
GoGreenlight Sub-Processor List
This appendix forms part of the Data Processing Agreement (DPA) between the Data Controller and GoGreenlight (the Data Processor).
The list of authorized sub-processors will be maintained and updated as necessary to reflect any changes in our data processing arrangements.
Authorized Sub-Processors
On commencement of the Clauses, the data controller authorizes the engagement of the following sub-processors for the processing described for that party. The data processor shall not be entitled – without the data controller's general written authorization – to engage a sub-processor for a 'different' processing than the one which has been agreed upon or have another sub-processor perform the described processing.
| Sub-Processor | Purpose | Location | Transfer Safeguards |
|---|---|---|---|
| Google Cloud Platform | Cloud hosting and infrastructure | EU/EEA | N/A (EU processing) |
| Supabase | Database services and authentication | EU/EEA | N/A (EU processing) |
| Vercel | Application hosting and deployment | EU/EEA | N/A (EU processing) |
| Resend | Email delivery services | USA | EU-US Data Privacy Framework, SCCs |
Changes to Sub-Processors
The data processor shall inform in writing the data controller of any intended changes concerning the addition or replacement of sub-processors at least 5 work days in advance, thereby giving the data controller the opportunity to object to such changes prior to the engagement of the concerned sub-processor(s).
For questions regarding sub-processors, please contact: contact@gogreenlight.ai
CVR: 45992705