Transparency
Sub-processors
Third-party providers we engage to deliver the EkaTantra platform. Updated quarterly.
| Provider | Purpose | Location | Certifications | DPA | Added |
|---|---|---|---|---|---|
| Google Cloud (Firebase / Firestore / Storage) | Core infrastructure, database, storage, authentication | asia-south1 (Mumbai), asia-southeast1 (Singapore) | ISO 27001ISO 27017ISO 27018SOC 2 Type IIPCI-DSS Level 1 | DPA → | 2024-01-01 |
| Razorpay (Payments + Route) | Payment processing, marketplace settlement | India (Mumbai) | PCI-DSS Level 1ISO 27001 | DPA → | 2024-01-01 |
| Stripe | International payment processing (where applicable) | US / EU regions | PCI-DSS Level 1SOC 1 Type IISOC 2 Type IIISO 27001 | DPA → | 2024-06-15 |
| Twilio | SMS notifications | US (with regional routing) | SOC 2 Type IIISO 27001 | DPA → | 2024-03-01 |
| SendGrid (Twilio) | Transactional + marketing email | US | SOC 2 Type IIISO 27001 | — | 2024-03-01 |
| Meta (WhatsApp Business Cloud API) | WhatsApp notifications + ordering bot | Global | ISO 27001ISO 27018 | DPA → | 2025-04-10 |
| Firebase Cloud Messaging (Google) | Push notifications | Global | ISO 27001 | — | 2024-01-01 |
| Cloudflare | CDN, DDoS protection | Global edge | ISO 27001SOC 2 Type IIPCI-DSS | DPA → | 2024-08-01 |
| Sentry | Error monitoring | US, EU | SOC 2 Type IIISO 27001 | DPA → | 2025-02-15 |
Customers can request 30-day notice of changes by emailing privacy@ekatantra.com.