A sub-processor is any third-party service provider that processes your data on our behalf to deliver the Gatekeeper Service. Under the GDPR and similar data protection laws, we are required to maintain an up-to-date list of these providers and notify you before adding new ones.
We keep this list short by design. Our architecture minimizes the amount of data we handle, and we resist the temptation to add vendors for convenience.
| Sub-processor | Role | Region | Data Categories |
|---|---|---|---|
| Shopify Inc. | Platform host, OAuth provider, billing processor, webhook source | US / Canada | All Merchant Account Data, subscription events, order webhook payloads |
| Fly.io, Inc. | Application runtime (Remix/Node server) | United States (ORD — Chicago, IL) | All Merchant Data described in our Privacy Policy §4 |
| Neon, Inc. | Managed PostgreSQL database hosting | United States (AWS us-east-2 — Ohio) | All persisted Merchant Data described in our Privacy Policy §4 |
This list is intentional. We have chosen not to use any of the following categories of vendor, and we commit in our DPA not to add them without notifying you first:
We notify merchants at least 30 days in advance of any change to this list, including additions, replacements, or removals. Notifications are sent via:
Merchants have the right to object to any new sub-processor within the 30-day notification window. If we cannot accommodate the objection, the Merchant may terminate the Agreement without penalty. See our Data Processing Agreement §3.3 for full details.
Historical changes to this list will be recorded below.
| Date | Change | Reason |
|---|---|---|
| April 24, 2026 | Initial publication | Product launch |
If you have questions about our sub-processors or want more detail about a specific provider’s own security and privacy practices, email us at support@honeywired.com. We are happy to provide sub-processor security questionnaires, DPAs, or other documentation we have on file from each provider.