Legal
Last updated
12 July 2026

Sub-processors.

These are the infrastructure providers that may process personal data on ProseID's behalf, as described in our Privacy Policy and Data Processing Addendum. We keep this list current and update the date above when it changes.

ProviderPurposeRegion
Google (Firebase & Google Cloud)Authentication, database (Firestore), serverless functions, file storage for verification evidence, submission encryption (Cloud KMS), and — only if you opt in — analytics.EU & US
RailwayApplication hosting for the ProseID web app and API.EU / US
StripePayment processing and subscription billing. Handles card data directly; ProseID never receives it.EU & US
Zoho (ZeptoMail)Transactional email — completion receipts and PDFs, Flow-link invites, organization invitations, and account/admin notifications.EU data centre

Some providers may process data outside the EEA; where they do, transfers rely on an adequacy decision or Standard Contractual Clauses. Sign-in with Google or GitHub is optional and used only to authenticate you if you choose it. Questions: [email protected].