Transparency about the third parties involved in delivering Sinky's services.
Annex I of the Privacy Policy — Updated June 2026.
Last updated: June 2026
1. What Are Subprocessors
Subprocessors are third parties contracted by Sinky to support the operation, delivery, maintenance, security, monitoring, or evolution of its products and services.
These third parties may, as necessary for the execution of contracted services, process personal data on behalf of Sinky and its clients.
All subprocessors are selected based on technical, operational, contractual, and security criteria compatible with the standards adopted by Sinky.
2. Subprocessor Categories
Sinky may use subprocessors belonging to the following categories:
Cloud Infrastructure
Responsible for hosting, storage, processing, and platform availability.
Examples: Microsoft Azure, Amazon Web Services (AWS), Google Cloud Platform (GCP)
Examples: Google Analytics, Microsoft Clarity, Mixpanel, PostHog
Purpose: Usage metrics, Product improvements, User experience
3. Data Providers and Data Sources
The Sinky platform enables integration with external data providers through the Sinky Data Marketplace.
Depending on the client's configuration, information providers related to the following may be used:
Credit
Identity
Compliance
Fraud prevention
Open Finance
Business information
Government information
Legal monitoring
Media monitoring
Financial data
Alternative data
Artificial intelligence
These providers may act as independent controllers or processors, according to their own policies and contracts.
Sinky does not control the privacy practices adopted by such providers.
4. International Transfers
Some subprocessors may be located in countries different from where the client or data subject is located.
In such cases, Sinky adopts appropriate mechanisms to ensure adequate levels of data protection, including:
Appropriate contractual clauses
Risk assessments
Technical and organizational measures
Security requirements compatible with applicable legislation
5. Security and Due Diligence
Before contracting relevant subprocessors, Sinky may conduct assessments involving:
Information security
Privacy
Regulatory compliance
Operational continuity
Technical capability
Market reputation
Sinky prioritizes working with vendors that adopt recognized security standards, including certifications or independent audits when applicable.
6. Updates to This Annex
Sinky may update this Annex periodically to reflect changes in its infrastructure, technology architecture, partners, or vendors.
The most recent version will always be available on Sinky's official channels.
Changes that represent material impact on data protection will be communicated to clients when required by applicable legislation or contractual obligations.
7. Contact
For questions related to subprocessors used by Sinky, please contact: