Subprocessors
Information on third-party service providers engaged by Toqen to support the operation, security, and delivery of the service, in accordance with the GDPR.
TL;DR
- Toqen engages a limited number of carefully selected subprocessors.
- Subprocessors are used exclusively for service operation, security, and essential supporting functions.
- Information on subprocessors is provided transparently in accordance with the Data Processing Addendum.
Categories of Subprocessors
| Content Delivery and Security Infrastructure | Network traffic routing, content delivery, protection against abuse and attacks, and security mechanisms, including bot mitigation and challenge-response services. |
| Email Delivery Services | Transmission of one-time verification codes and essential service-related communications required for access flows and operational notifications. |
| Managed Database and Edge Computing Infrastructure | Hosting, storage, and processing of service data, as well as execution of application logic within controlled, access-restricted environments. |
| Payment Service Providers | Processing of payments and billing-related operations in accordance with applicable financial regulations and data protection requirements. |
| Authentication and Protocol Infrastructure | Implementation of standards-based authentication and token flows using OpenID Connect and related protocols. |
Transparency, Responsibility, and Updates
A current and detailed list of subprocessors, including their legal entity names, processing roles, and processing locations, is made available to partners in accordance with the Data Processing Addendum. Toqen remains responsible for the performance of its subprocessors as required under Article 28 of the GDPR and conducts periodic reviews of their compliance with applicable data protection obligations. This information is updated when changes occur.