Compliance
Open Subprocessors
Know exactly where your data is and how it is being used. All our subprocessors are EU-based and GDPR compliant. This page lists all third-party service providers that Open uses to deliver our services within the European Union.
Current as of January 17, 2026
| Name | Purpose | Location | Website |
|---|---|---|---|
| AWS (EU-West) | Cloud infrastructure and hosting services | Germany (Frankfurt) | aws.amazon.com |
| Azure OpenAI (EU) | AI language model services (GPT) | Sweden (Stockholm) | azure.microsoft.com/en-us/products/ai-services/openai-service |
| Stripe (EU) | Payment processing and billing | Ireland (Dublin) | stripe.com |
| Vercel (EU) | Frontend hosting and deployment | Germany (Frankfurt) | vercel.com |
| Cloudflare (EU) | CDN and security services | Germany (Frankfurt) | cloudflare.com |
| Neon (EU) | Serverless PostgreSQL database | Germany (Frankfurt) | neon.tech |
| PostHog (EU) | Product analytics and event tracking | Germany (Frankfurt) | posthog.com |
Data Protection
All subprocessors listed above are carefully selected and required to maintain GDPR-compliant security measures to protect your data. We only work with providers that have EU data centers and are fully compliant with European data protection regulations.
This list is updated as we add or remove subprocessors. We will notify customers of any material changes in accordance with our Data Processing Agreement.