Subprocessor disclosure for SaaS
A practical guide to subprocessor lists, vendor roles, DPA schedules, and customer-facing disclosure preparation.
Short answer
A subprocessor disclosure identifies third parties that help a service provider process customer data. For SaaS and vendor workflows, the useful preparation work is to map subprocessors, what they support, where they fit in the product, what data categories may pass through them, and how the list connects to the DPA and privacy policy. paulkrieger prepares subprocessor disclosure language from vendor stacks, hosting notes, support tools, security assumptions, customer-facing schedules, and missing vendor details, so the disclosure can be reviewed alongside the related DPA and privacy wording. This keeps customer-facing vendor language consistent.
Start with the vendor stack
List hosting, infrastructure, analytics, support, email, billing, logging, storage, security, AI, and customer success tools. Then separate vendors that touch customer data from tools that do not belong in a customer-facing subprocessor list.
Connect subprocessors to DPA schedules
A DPA schedule should not be detached from operations. It should reflect the processing purpose, categories of data, support process, security notes, hosting assumptions, and customer contact route around each relevant vendor.
Keep customer-facing wording aligned
Subprocessor disclosure, privacy policy vendor language, and DPA schedules should tell the same story. paulkrieger uses the same intake across those documents to reduce contradictions.
Questions this guide answers.
What is a subprocessor disclosure?+
A subprocessor disclosure is a customer-facing list or explanation of third parties that help a provider process customer data. It is usually prepared alongside DPA schedules and privacy policy vendor language.
What should be collected before preparing a subprocessor list?+
Collect hosting, infrastructure, analytics, support, email, billing, logging, storage, security, AI, and customer success tools, then identify which vendors touch customer data and what role they play.
How does paulkrieger use subprocessor information?+
paulkrieger uses subprocessor information to prepare aligned DPA schedule language, privacy policy vendor wording, and customer-facing disclosure notes from the same operational facts.
Price and promise
- Any document - $49
- Pack of 4 - $149
- Pack of 8 - $279
- Prepared within 2 working hours, 7:00-19:00 Central European Time
- Up to 5 revisions per order goal, no extra cost
- Brief us once. Operator follows up with focused questions when needed
- Human-prepared files delivered through your account
Turn this guide into a prepared document.
Data processing agreement template alternative prepared with schedules
DPA and data processing addendum preparation for SaaS vendors, agencies, software providers, and online businesses.
Website policy documents for SaaS products
Website policy document preparation for SaaS privacy policies, terms of service, DPAs, cookie policies, acceptable use policies, and customer rules.
Privacy policy for website preparation beyond a free generator
Human-supervised privacy policy preparation for websites, SaaS products, ecommerce stores, apps, and online services.