Sub-processors
Last updated: April 2026
This page lists every third party that processes customer data on behalf of Style4 Solutions AB to operate CompliantHQ. We update this list whenever we add, change, or remove a sub-processor. For the full data-processing context, see our privacy policy.
Active sub-processors
| Provider | Purpose | Region | Privacy policy |
|---|---|---|---|
| Anthropic PBC | AI analysis of scan results — generates action plans and powers the in-product compliance chat. Receives scan findings (cookie names, script URLs, WCAG findings, page titles, HTML snippets from publicly reachable pages) but never login credentials, payment data, or content from authenticated areas. | USA (under EU-US DPF + SCCs) | anthropic.com/legal/privacy |
| Mailjet | Transactional email delivery — magic-link login, scan notifications, trial reminders, billing. | EU | mailjet.com/privacy-policy |
| Hetzner | Hosting for our application servers and MariaDB database. | Finland | — |
| Playwright / Chromium | Automated browser running on our own servers to scan customer sites. No data is sent to Google or other third parties from the scanning process itself. | Our infrastructure (Finland) | — |
International transfers
Anthropic PBC is based in the United States. The transfer is made under the EU-US Data Privacy Framework (to which Anthropic is certified), supplemented by the European Commission's Standard Contractual Clauses (SCCs) as a safeguard under GDPR Art. 46. All other sub-processors operate within the EU/EEA.
Notification of changes
If we add, replace, or change a sub-processor's role we update this page and the privacy policy at the same time. We don't currently operate a separate change-notification mailing list — for now, this page is the source of truth. Email hello@complianthq.ai if you want to be notified of changes.