Trust Center
Subprocessors
Last updated
Privion provides 30 days' notice via this page before adding or changing a subprocessor that processes client personal data.
Rows marked Pending confirmation are under internal review before publication as final.
| Subprocessor | Purpose | Region | Certifications | DPA |
|---|---|---|---|---|
| Microsoft Azure | Privion Intranet and PAnalytics hosting; corporate infrastructure | West US 2 (Privion Intranet, PAnalytics) | SOC 2 Type II, ISO 27001, FedRAMP (platform) | Yes (Microsoft DPA) |
| Microsoft Azure OpenAI Service | Privion Intranet document processing (Azure OpenAI API) | United States (Privion deployment in West US 2) | Inherits Microsoft Azure / OpenAI enterprise commitments per Microsoft DPA | Yes (Microsoft DPA; see Azure OpenAI data handling documentation) |
| Microsoft 365 | Privion corporate productivity and collaboration | United States / global | SOC 2, ISO 27001 | Yes |
| Supabase | Client portal database and authentication; Privion Intranet licensing server data store | United States (Privion-managed projects) | SOC 2 Type II, ISO 27001 (platform) | Yes (Supabase DPA) |
| Netlify | Static hosting for priviontech.com, client portal, Privion Intranet licensing application, and product documentation; contact form delivery on the marketing site | Global edge | SOC 2 Type II; GDPR and CCPA program | Yes (Netlify DPA; incorporated in terms) |
| Twilio SendGrid | Transactional email for general client communications and Privion client portal notifications (API/SMTP) | United States / global delivery | SOC 2 Type II (SendGrid); ISO 27001, GDPR, CCPA (Twilio platform) | Yes (Twilio Data Protection Addendum) |
| Zoho | Password management (Zoho Vault), billing, accounting, and client ticketing | United States / global (Zoho data centers) | ISO 27001, ISO 27017, ISO 27018, SOC 2 Type II, GDPR | Yes (Zoho DPA available) |