AtmosphericG2 Sub‑Processors (GDPR Transparency List)
We engage carefully vetted third‑party processors to deliver our services. This document lists our current sub‑processors, the purposes for which we use them, their processing locations, and the safeguards we apply for any international transfers.
AtmosphericG2 provides at least 30 days’ prior notice for new sub‑processors or material changes.
Summary Information
Last updated: October 22, 2025
Data Protection Contact: privacy@atmosphericg2.com
Contractual Basis: Processor obligations under Art. 28 GDPR; SCCs or other safeguards for non‑EEA transfers.
Current Sub‑Processors
| Name of Sub‑Processor | Purpose of Processing | Processing Location | Data Categories | Transfer Mechanism (if outside EEA) | Transfer Mechanism (if outside EEA) | First Listed | Last Reviewed |
|---|---|---|---|---|---|---|---|
| Amazon Web Services, Inc. | Cloud infrastructure (compute, storage, networking) | US (Viginia); EU (London); global resiliency | Customer account data | SCCs; EU Standard Contractual Clauses; DPA in place | ISO 27001, SOC 1/2/3, CSA STAR | Oct 25, 2025 | Oct 25, 2025 |
| Salesforce | Sales Tracking | EU and US | Contact details; | SCCs; supplementary measures | SOC 2 Type II; ISO 27001 | Oct 25, 2025 | Oct 25, 2025 |
| SendGrid (Twilio Inc.) | Transactional email delivery | EU and US | Email addresses; message metadata; delivery logs | SCCs | SOC 2 Type II | Oct 25, 2025 | Oct 25, 2025 |
Change Log
Oct 25, 2025 | Initial Document creation | Document created and reviewed. |
How We Evaluate Sub‑Processors
AtmosphericG2 follows strict evaluation criteria before engaging any sub‑processor:
- Data Processing Agreements imposing Article 28 GDPR obligations
- Transfer impact assessments and supplementary safeguards for international transfers
- Security reviews (e.g.SOC 2) and penetration testing summaries
- Principle of data minimization and purpose limitation
- Annual re‑validation and contractual audits where applicable
This document is provided for transparency under GDPR Articles 13 and 28. For questions or to object to a new sub‑processor, contact our Data Protection Officer at privacy@atmosphericg2.com.