Subprocessors
Who operates the platform, and the one thing none of them touch
A subprocessor list usually makes a buyer nervous, because every vendor named is another company that holds a copy of the data. Ours is the opposite. Because HiveSilo never takes custody of your clients' personal data, none of our subprocessors receives it either. This page sets out who operates the platform and exactly what each one processes.
Public summary, full list under NDA
This is the public summary. The complete, individually-named subprocessor list, with legal entities and regions, is provided under NDA through the Trust Center. We name our edge provider here; our confidential-computing and core platform providers are identified under NDA, because for a business serving discreet clients, publishing the full infrastructure map is itself a security and discretion consideration. This is a deliberate posture, not an evasion: any reviewer under NDA gets every name.
The platform operators
What each subprocessor does, and the data it can see
Read the third column. For your clients' personal data, the answer is the same every row: it never reaches them.
| Role | Purpose | Data it can process | Identity |
|---|---|---|---|
| Edge, DNS & DDoS protection | TLS at the edge, DNS, and bot and denial-of-service protection for our public surface. | Request metadata only. No client PII. | Cloudflare |
| Confidential-computing / TEE infrastructure | Hosts the per-tenant, hardware-attested enclaves where your data is processed under your keys. | Sealed enclave contents that the provider cannot read. Nothing HiveSilo-readable. | Named under NDA |
| Application hosting & edge compute | Runs the HiveSilo control-plane application and APIs. | Control-plane and operational data. No client identities. | Named under NDA |
| Managed database | Stores control-plane, configuration, billing, and non-PII operational records. | Account and operational metadata. No client identities. | Named under NDA |
| Transactional email | Sends operational notices and briefing correspondence. | Recipient business email address only. | Named under NDA |
Why none of them sees your clients
Your clients' personal data travels directly from your website into your own confidential enclave and is processed there under your keys. It does not pass through HiveSilo, so it does not reach any HiveSilo subprocessor. The strongest statement a subprocessor list can make is the one this list makes: the sensitive data was never theirs to hold.
Your own tools
Customer-authorized destinations are yours, not ours
Separately from the operators above, you connect your own CRM and advertising tools.
When you authorize a connector (see Integrations), HiveSilo dispatches to it from inside your own enclave, under your own keys. Those destinations are your subprocessors, governed by your existing agreements with them, not HiveSilo's. HiveSilo does not add itself as a holder of the data they receive, and it does not introduce a new copy in between. You decide which destinations are switched on, and you can revoke them.
Diligence
Get the full named list under NDA
We maintain the complete subprocessor register with legal entities and regions, and provide advance notice of material changes under your Data Processing Agreement. Request it through a briefing or the Trust Center.
The current verification status is published at the Trust Center. Enterprise pricing on inquiry.