Authorized Sub-processors
Last Updated: January 20, 2026
Effective Date: January 20, 2026
To deliver our Services, Krops GmbH ("Company", "We", "Us") engages third-party entities to assist with our data processing activities. These entities are known as "Sub-processors" under the General Data Protection Regulation (GDPR).
In accordance with Section 4 of our Data Processing Agreement (DPA), we maintain strict oversight over these entities. Each authorized sub-processor is bound by contractual data protection terms that are substantially equivalent to those set forth in our DPA, ensuring the continued security, confidentiality, and integrity of Customer Personal Data.
Current Sub-processor List
| Sub-processor | Purpose of Processing | Corporate Location | Data Processing Region | Transfer Safeguards |
|---|---|---|---|---|
| Hetzner Online GmbH | Cloud Infrastructure & Application Hosting | Germany | Germany (EU) | N/A (Processed entirely within the EU) |
| Google Cloud EMEA Limited | Core Platform Infrastructure & Database Management | Ireland | Frankfurt, Germany (EU) | N/A (Processed entirely within the EU) |
| Anthropic, Inc. (Served via Google Cloud) | AI Model Inference & Content Processing | United States | Frankfurt, Germany (EU) | N/A (Data processing is strictly bound to Google Cloud's EU Data Boundary) |
💡 Enterprise Trust & AI Data Privacy Note
We understand the sensitive nature of operational enterprise data. When utilizing advanced language models via our platform, your data is isolated and secured under enterprise-grade protocols:
- Zero Model Training: Neither Krops GmbH, Google Cloud, nor Anthropic will use your inputs, prompts, document context, or generated outputs to train public or foundational artificial intelligence models.
- Strict EU Data Residency: While Anthropic, Inc. is a U.S. corporate entity, our technical implementation interfaces exclusively with Google Cloud's infrastructure inside Frankfurt, Germany. Your data packets never cross jurisdictions or exit the European Union data boundary during processing.
- Incident Isolation: No communication or workspace data processed by our AI algorithms is accessible by other platform tenants.
Subscribe to Infrastructure Updates
Per Section 4.1.1 of the Krops GmbH Data Processing Agreement, customers have the right to receive notice of, and object to, any intended addition or replacement of an authorized sub-processor.
If you wish to receive automated email notifications at least two (2) weeks before we introduce a new sub-processor to this list, please opt-in by submitting your details below:
For any specific questions, legal objections, or technical inquiries regarding our sub-processors, please contact our data privacy desk directly at privacy@gosophia.ai.