Sub-processors
Sub-processors
The third-party services we use to deliver GuardYourName, what data they receive, and where they operate.
Last updated: 5 May 2026.
To run a domain registrar / brand-protection service we have to integrate with payment networks, registrar APIs, DNS providers, and an email service. Each of these is a "sub-processor" under GDPR — they receive personal data from us, on our behalf, to perform a specific function.
This page lists every external service we send personal data to, what data they receive, and which country they operate in. We update it whenever we add or remove a sub-processor. If you've signed a Data Processing Agreement (DPA) with us, we'll notify you in advance of any change.
Current sub-processors
| Provider | Purpose | Data shared | Region |
|---|---|---|---|
| DigitalOcean privacy policy |
Application hosting (the droplet GuardYourName runs on) and managed DNS for customer domains. | All data we hold (it's their server). For the DNS service: customer domain names + the IPs / values of DNS records you configure. | United States |
| Stripe privacy policy |
Card payments and recurring billing. | Customer name, email, billing address, payment-method token (we never see the card number itself), order amount, currency, app environment (test / live). | United States (DPF-certified) |
| Square privacy policy |
Alternate payment gateway (when selected at checkout). | Tokenized card source, amount, location ID, order ID reference. We never see the card number. | United States |
| OpenSRS / Tucows privacy policy |
Domain registration, transfer, and DNS-record management for OpenSRS-routed domains. | Full WHOIS contact set: legal name, organization, postal address, phone, email. WHOIS privacy is enabled by default so this data is masked from the public WHOIS record. | Canada |
| Namecheap privacy policy |
Domain registration, transfer, and DNS-record management for Namecheap-routed domains. | Full WHOIS contact set, same as OpenSRS. WhoisGuard (Namecheap's WHOIS privacy product) is enabled by default at no charge. | United States |
| Resend privacy policy |
Outbound transactional email — sign-in links, registration confirmations, transfer notices, renewal reminders. | Recipient email, message subject, message body (which includes magic-link tokens during their 15-minute validity window). Resend retains delivery logs per their own policy. | United States |
| Cloudflare Turnstile privacy policy |
Bot-deterrence widget on the magic-link sign-in form. | Visitor IP and a per-challenge token. We send the IP server-side to verify the challenge response. | United States (DPF-certified) |
Conditionally engaged
The following sub-processor receives data only if it is configured in production. As of the "Last updated" date above:
-
Sentry — error tracking. If a Sentry DSN is set in production, application errors are sent to Sentry.io with stack traces, breadcrumbs, and request URLs. Personal identifiers (email, user IDs) are not sent because
SENTRY_SEND_DEFAULT_PIIis set tofalse.
Things we deliberately don't use
No analytics platform, no advertising network, no marketing-automation tool, no third-party CRM, no chatbot, no session-replay tool, no heatmap tool, no A/B-testing platform. The audit list above is the complete list — there are no others sending data anywhere.
Changes
We will update this page when sub-processors change. Customers with active accounts will be emailed at least 15 days before any new sub-processor begins receiving customer data, so you have time to object or terminate.