Sub-processors
The following third-party service providers may, as part of Webfronten's services for hosting, maintenance and operation of WordPress websites, access personal data stored on or processed via the customer's website. This list is published in accordance with section 7 of Webfronten's Data Processing Agreement and is updated when changes occur. Customers are notified at least 14 days in advance of material changes.
Last updated: March 2026
| Sub-processor | Country | Purpose | Transfer basis |
|---|---|---|---|
| 1Password | CA / US | Password management and secure storage of login credentials | SCC |
| Amazon Web Services (SES) | US | Transactional outgoing email delivery | DPF |
| Anthropic (Claude AI) | US | Programming assistance and content handling | SCC / DPF |
| Asana | US | Project and task management | SCC / DPF |
| Cloudflare | US / EU | CDN, DNS, security and CAPTCHA (Turnstile) | SCC / DPF |
| Google Workspace | US / EU | Email and document handling | SCC / DPF |
| Hetzner Online GmbH | DE (EU) | Web hosting – storage of web servers and databases | Within EU |
| Patchstack | EE (EU) | WordPress plugin vulnerability monitoring | Within EU |
| Punktum dk A/S | DK (EU) | Domain registration and DNS management | Within EU |
| RunCloud | US | Server management and configuration | SCC |
| SolarWinds Papertrail | US | Server logging and error monitoring | SCC |
| WP Umbrella (Liven Studio) | FR (EU) | Remote monitoring and management of WordPress sites | Within EU |
Transfer basis – abbreviations
- DPF: EU–U.S. Data Privacy Framework, approved by the European Commission in July 2023
- SCC: Standard Contractual Clauses issued by the European Commission (2021)
- Within EU: No separate transfer mechanism required
Questions regarding this list can be directed to [email protected].