Current providers
| Provider | Purpose | Data | Primary processing locations | Role |
|---|---|---|---|---|
| Timeweb Cloud LLC | Server, network and infrastructure hosting | Website requests, portal database, task content, attachments, logs | Server infrastructure in the Netherlands; provider operations may involve Russia | Processor |
| Unisender Go | Transactional account and password-reset email | Name, email, message content, delivery metadata | Russia and provider locations stated in its documentation | Processor |
| Telegram Messenger Inc. and group companies | Optional internal notification of a new lead or operational event | Submitted contact/project details and request metadata included in the alert | Global, including BVI and UAE group entities | Processor/independent provider depending on use |
| LAVALANE LTD (Lava.top) | Checkout, subscriptions, payment status, tax, fraud and customer support | Identity, contact, billing, order, device and payment data | Cyprus and its payment-provider locations | Independent controller and payment agent; processor for limited instructed data where applicable |
| Google LLC (Google Analytics) | Optional consent-based website analytics | Online identifiers, page and interaction events, device/browser data | United States and global Google infrastructure | Processor/independent controller as stated in Google’s terms |
Customer-selected services
A task may require access to a Customer’s own hosting, CMS, analytics, CRM, repository, design or communication provider. Those services are selected and controlled by the Customer and are not automatically TUNDRÄ subprocessors. If TUNDRÄ independently engages a new provider to process Customer Personal Data, the DPA change procedure applies.
Changes and objections
We may replace or add providers to operate the Service. Material changes involving Customer Personal Data will be posted here and, for active Business Customers with a DPA, notified by email or in the portal at least 15 days before the new provider begins routine processing where reasonably possible. A Customer may object on documented data-protection grounds during that period. The parties will seek a reasonable alternative; if none is available, either party may terminate the affected processing without penalty beyond fees for Service already supplied.
Provider information
Provider corporate structures and data locations may change. Their current public privacy terms remain controlling for processing they undertake as independent controllers. Contact us for a copy of available contractual safeguards relevant to your transfer.