DynaTax uses third-party service providers ("subprocessors") to deliver our services. This page lists all subprocessors who process customer data on our behalf, including the types of data processed, processing location, and links to their privacy policies.

All subprocessors are contractually required to protect your data and use it only for providing services to DynaTax.

Active Subprocessors

Infrastructure & Hosting

Provider	Service	Data Processed	Location	Privacy Policy
Vercel Inc.	Application hosting	All application data	USA	Link
Neon (Neon.tech)	Database hosting	User data, financial records, encrypted tax identifiers	USA	Link
Amazon Web Services (AWS)	Document storage (S3)	Tax documents, receipts, encrypted files	USA	Link

Financial Services

Provider	Service	Data Processed	Location	Privacy Policy
Plaid Inc.	Bank account connection	Bank credentials, account numbers, transaction history, balances	USA	Link
Stripe, Inc.	Payment processing	Credit card info, billing address, payment history	USA	Link

AI & Machine Learning

IMPORTANT: AI providers process your financial and tax data to provide categorization, insights, and suggestions. We do not use your data to train AI models. AI providers process data under strict contractual terms.

Provider	Service	Data Processed	Location	Privacy Policy
AI Processing Services (Multiple Vendors)	AI tax analysis, transaction categorization, document OCR, receipt processing, chat assistance	Transaction data, documents, financial info, receipt images, merchant names, amounts, expense descriptions, tax questions	USA	Various providers with contractual data protection

Document & Workflow Services

Provider	Service	Data Processed	Location	Privacy Policy
E-Sign, Inc.	Electronic signatures	Engagement letters, names, email addresses, signatures	USA	Link

Identity Verification

Provider	Service	Data Processed	Location	Privacy Policy
Veriff OÜ	Professional ID verification	ID documents, photos, professional licenses, background check data	Estonia (EU)	Link

Analytics & Monitoring

Provider	Service	Data Processed	Location	Privacy Policy
Google Analytics	Website analytics	Page views, device info, IP address (anonymized)	USA	Link
Sentry.io	Error monitoring	Error logs, stack traces (PII removed)	USA	Link

Communication

Provider	Service	Data Processed	Location	Privacy Policy
SendGrid (Twilio)	Transactional emails	Email addresses, message content	USA	Link

Subprocessor Changes

We may add, remove, or replace subprocessors from time to time. When we add a new subprocessor that processes personal data, we will:

Update this page with the new subprocessor details
Ensure the new subprocessor is contractually bound to protect your data
For Enterprise customers: Provide 30 days advance notice via email

Last Updated: December 20, 2025
Next Review: March 20, 2026

International Data Transfers

Most subprocessors are located in the United States. Data transferred to the EU (Veriff) is protected by:

Standard Contractual Clauses (SCCs): EU-approved data transfer mechanisms
GDPR Compliance: Veriff is GDPR-compliant and located in Estonia (EU member state)

Questions

For questions about subprocessors or data processing:

DynaTax Privacy Team

Email: privacy@dynatax.ai

See our Privacy Policy for more information.

All subprocessors listed are contractually obligated to protect your data in accordance with GDPR, CCPA, and other applicable data protection laws. Data Processing Agreements (DPAs) and Standard Contractual Clauses (SCCs) are in place where required.

Enterprise customers may request copies of relevant DPAs by contacting legal@dynatax.ai.

Last Updated: December 20, 2025