Subprocessors
The service providers Observer uses to operate the Service, what they do, where they process data, and the transfer mechanism that applies. Last updated 2026-05-24.
Effective date: 2026-05-24 Last updated: 2026-05-24
This page lists every third party that processes personal data on Observer's behalf. Observer is a sole trader based in England, United Kingdom, trading as "Observer". Each subprocessor below is engaged under a written agreement that requires GDPR-compliant processing.
If you have a contract with us that includes the Data Processing Agreement (this is the default for every customer), your authorisation to use these subprocessors is given by accepting the DPA. We will give you at least 30 days' notice before engaging any new subprocessor, by email to your account owner and via the in-product notification mechanism. You may object during that window by writing to [email protected]; see the DPA for the consequences of objection.
Active subprocessors
| Subprocessor | Legal entity | Purpose | Location | Transfer mechanism |
|---|---|---|---|---|
| Hetzner Online GmbH | Hetzner Online GmbH, Germany | Primary hosting: virtual machines, block storage, object storage holding the production database and backups | Germany (within the EEA) | None required (intra-EEA) |
| Oracle Cloud Infrastructure | Oracle Corporation UK Limited | Secondary hosting and disaster-recovery replica of the production Postgres database. Carries the same categories of personal data as the primary | United Kingdom (London / Newport regions) | EU GDPR: EU-UK adequacy decision (Commission Implementing Decision (EU) 2021/1772). UK GDPR: data stays within the United Kingdom |
| Clerk | Clerk, Inc., United States | Authentication, organisation membership, session management, billing administration (subscription management surfaces) | United States | 2021 SCCs + UK IDTA |
| Stripe (via Clerk Billing) | Stripe Payments Europe Ltd. (Ireland) and Stripe, Inc. (United States), engaged as a sub-subprocessor by Clerk under Clerk's own DPA | Payment processing for paid subscriptions. Observer never receives or stores card data | Ireland (EU) and United States | 2021 SCCs + UK IDTA via Clerk's downstream contract |
| Resend | Resend, Inc., United States | Transactional email delivery (confirmation emails, subscription receipts, status notifications, weekly SLO reports) | United States | 2021 SCCs + UK IDTA |
| Cloudflare | Cloudflare, Inc., United States | Content delivery network, TLS termination, edge caching for public status pages, Custom Domains via Cloudflare for SaaS (feature-flagged) | Global edge network, with the legal entity in the United States | 2021 SCCs + UK IDTA |
Planned, not yet active
These subprocessors are on the roadmap but are not processing data today. We are listing them in advance so that the first activation does not surprise existing customers. We will refresh this list and start the 30-day notice period before activating any of them.
| Subprocessor | Legal entity | Intended purpose | Location | Transfer mechanism |
|---|---|---|---|---|
| Grafana Cloud | Grafana Labs Sweden AB, Sweden | Internal observability for Observer's own operational metrics. Will not process customer monitoring data. Customer monitoring data stays in the Hetzner-hosted database | Sweden (Frankfurt, EU region within the EEA) | None required (intra-EEA) |
| PostHog | PostHog, Inc., United States | Product analytics on the Observer dashboard, behind explicit consent on first visit | Preferred EU instance (EU GDPR compliant by deployment region). If activated on a US instance, 2021 SCCs + UK IDTA will apply | TBD by region at activation |
We will not activate PostHog without a cookie consent mechanism in place. See the Cookie Policy for the current state.
What "subprocessor" means here
A subprocessor is any third party we engage to process personal data on behalf of our customers. The list above does not include:
- companies that provide us with services that do not involve personal data; or
- services that we use for our own internal operations and that do not touch customer data (for example, our personal development tools and code hosting).
If a service we use turns into a route for customer personal data, we add it to the list above and give you the 30-day notice described in the DPA.
Notifying a change
When we add or replace a subprocessor:
- We update the table above.
- We email the account owner of every paying customer.
- We surface a notification on the dashboard.
- The 30-day notice window starts from the later of (2) and (3).
If you object on reasonable data-protection grounds during the notice window, we will work with you to find an alternative. If no alternative is workable, you may terminate the affected portion of the Service without penalty in accordance with the DPA.
Contact
For subprocessor questions, write to [email protected].