/ trust / subprocessors
Subprocessor list
Last updated 25 May 2026
OXP relies on the third parties below to operate the registry and the oxp.sh web app. We give 30 days' notice on /trust before adding or removing any subprocessor. Enterprise customers may request the signed list with notification webhook.
Neon
DPA ↗Managed Postgres (registry, accounts, audit log)
- Region
- EU (Frankfurt)
- Data categories
- Account profile, package metadata, signed bundle digests, audit events.
Cloudflare
DPA ↗Edge proxy, WAF, DDoS, CDN for static assets
- Region
- Global edge; EU/US ingress
- Data categories
- Request metadata (IP, UA, path); no bundle bytes cached.
Paddle
DPA ↗Merchant of record, billing, tax, invoicing
- Region
- EU/US
- Data categories
- Customer name, billing email, country, payment method token.
Postmark
DPA ↗Transactional email (verify, reset, security alerts)
- Region
- US
- Data categories
- Email address, message body for the specific transactional event.
Vercel
DPA ↗Web app hosting (oxp.sh, dashboard, docs)
- Region
- Global edge; EU/US compute
- Data categories
- Request logs (IP, UA, path); no DB rows.
Change notification
Email sales@oxp.sh with subject "Subprocessor change notification" to receive 30-day advance email whenever this list changes.