Subprocessors | Crealix AI

Provider	Category	Regions
	Infrastructure & Hosting	United States · Global
	Infrastructure & Hosting	United States
	Infrastructure & Hosting	Global
	Storage & CDN	Global
	Payments	United States · European Union
	AI Model Providers	United States
	AI Model Providers	United States
	AI Model Providers	European Union
	AI Model Providers	Asia-Pacific
	AI Model Providers	United States · Global
	Authentication & Identity	Global
	Authentication & Identity	Global
	Email & Communications	United States · European Union
	Content Management	United States · European Union

Why we publish this list

Under Article 28 of the GDPR and equivalent frameworks (UK GDPR, CCPA, LGPD), we are required to disclose the subprocessors that process personal data on behalf of our customers, and to give those customers a meaningful opportunity to object before a new subprocessor takes effect.

Advance notice of changes

We provide at least 30 days' advance notice before adding a new subprocessor or before a Proposed subprocessor takes effect. During that window, customers under a Data Processing Agreement (DPA) may object on reasonable grounds as set out in our DPA. Notice is given through this page; customers may also opt in to email notifications when that option becomes available.

International data transfers

Where personal data is transferred outside its jurisdiction of origin, we rely on:

Adequacy decisions where they exist.
EU Standard Contractual Clauses (2021), Module 3 (processor-to-processor) together with appropriate supplementary measures.
EU–US Data Privacy Framework participation, where the receiving subprocessor is certified.
UK International Data Transfer Addendum (IDTA) for transfers from the United Kingdom.

The transfer mechanism that applies to each subprocessor is shown in its row.

AI model providers

When you generate content on Crealix, your prompts and the resulting outputs may be transmitted to one or more AI model providers listed in the AI Model Providers category solely to fulfill the generation you requested. Crealix does not authorize these providers to use Customer Data to train their models unless this is explicitly disclosed in the corresponding row. Where a provider's default terms permit training, we either contractually opt out, configure no-training endpoints, or do not use that provider for Customer Data.

Customer responsibilities

You are responsible for ensuring that the personal data you submit to Crealix is lawful to process, that you have any consents required, and that you do not submit special categories of data (e.g., biometric, health, or children's data) without a separate written agreement with us.

Contact

For DPA requests, subprocessor objections, or any privacy enquiry, please open a contact request and mark the subject as "Privacy / DPA". We will route it to our privacy team.