Effective date: 19 January 2026
Last updated: 19 January 2026

This page explains the subprocessors and third-party providers that may be used by Tech Generation Ltd and its brands (Tech Generation, Pressific, Fusion Bear, Clougency, Biznific).

How to read this page

  • Subprocessor (processor): a supplier that processes personal data on our behalf.
  • Independent controller / third party: a supplier that processes data under its own purposes and legal obligations (for example, banks, social networks, and authorities).

Not every provider is used for every brand, service, or client at the same time. We update this list when there are material changes.

1) Payments, banking, invoicing, and accounting

Payments (subprocessor)

  • Stripe – payment processing for all brands
    https://stripe.com/legal/dpa
    https://stripe.com/privacy

Banking and payment networks (independent controllers)

  • Banks and financial institutions – when you pay us (or we pay you), banks and payment networks will process payer/payee details (for example name, business name, transaction references, and amounts) as part of standard payment processing.

Invoicing & accounting (subprocessors)

  • Xero – accounting
    https://www.xero.com/legal/terms/data-processing/
  • Zoho – invoicing / billing admin
    https://www.zoho.com/privacy.html
  • Our UK-based accountancy firm – accounting, tax, and compliance support (not named publicly)

2) Hosting, infrastructure, and platform delivery (subprocessors)

These providers may process personal data stored in systems we operate (for example contact details, service configuration data, support content, logs, and files you choose to store with us).

  • 20i (UK) – hosting
    https://www.20i.com/us/legal/gdpr-data-processing-agreement
  • Hetzner (Germany/EU) – hosting / infrastructure
    https://www.hetzner.com/AV/DPA_en.pdf
  • DigitalOcean – hosting / infrastructure
    https://www.digitalocean.com/legal/data-processing-agreement
  • Google Cloud – cloud infrastructure (also covers Google Workspace processing terms where applicable)
    https://cloud.google.com/terms/data-processing-addendum
  • StablePoint (UK) – hosting (used where appropriate)
    https://kb.stablepoint.com/docs/terms-of-service

3) CDN, performance, and security (subprocessors)

  • Cloudflare – CDN, security, performance
    https://www.cloudflare.com/cloudflare-customer-dpa/
  • bunny.net (BunnyCDN) – CDN and delivery
    https://bunny.net/gdpr/sub-processors/

4) Email, support, internal documents, and collaboration (subprocessors)

Email / shared inbox / client comms tooling

Used depending on workflow and brand/service.

  • Google Workspace (Gmail, Drive, etc.) – business email and collaboration
    https://cloud.google.com/terms/data-processing-addendum
  • Front – shared inbox / customer comms (where used)
    https://front.com/legal/data-processing-addendum
  • Missive – shared inbox / collaboration (where used)
    https://missiveapp.com/gdpr
  • Microsoft (Outlook / Microsoft 365 where used)
    https://www.microsoft.com/licensing/docs/view/microsoft-products-and-services-data-protection-addendum-dpa

Notes and internal documents

  • Evernote – notes / internal documentation (where used)
    https://evernote.com/legal/dpa

Internal communication

  • Google Chat (via Google Workspace)
    https://cloud.google.com/terms/data-processing-addendum
  • Slack
    https://slack.com/terms-of-service/data-processing

Internal documents / file storage (where used)

  • Google Workspace (Drive)
    https://cloud.google.com/terms/data-processing-addendum
  • Apple (iCloud)
    https://www.apple.com/legal/privacy/en-ww/

5) External communication channels (third parties / mixed roles)

Phone / VoIP

  • Yay.com – phone line provider (where used)
    https://www.yay.com/about/privacy/

WhatsApp (only for clients who contact us via WhatsApp)

  • WhatsApp Business
    https://www.whatsapp.com/legal/business-app-privacy-policy
    https://www.whatsapp.com/legal/privacy-policy

Social media messaging (only where a client contacts us via that channel)

If a client messages us through social platforms, those platforms process data under their own terms and policies.

  • Meta platforms (Facebook / Instagram / Messenger)
    https://www.facebook.com/privacy/policy/
  • LinkedIn
    https://www.linkedin.com/legal/privacy-policy
  • X
    https://privacy.x.com/en
  • TikTok (where used) – privacy resources vary by product and region
    https://ads.tiktok.com/help/article/tiktok-one-creator-program-privacy-policy

6) Analytics, advertising, and affiliate tracking

Analytics / site performance

  • Google Analytics (where enabled)
    https://policies.google.com/privacy

Search performance

  • Google Search Console
    https://search.google.com/search-console/about

Advertising measurement / audiences

  • Meta Pixel / Meta Business Tools (where enabled)
    https://www.facebook.com/legal/technology_terms
    https://www.facebook.com/legal/terms/dataprocessing

Affiliate programmes (our blogs)

  • Amazon Associates
    https://affiliate-program.amazon.com/help/operating/agreement
  • impact.com (Impact)
    https://impact.com/privacy-policy/

7) WordPress management and website tools (subprocessors / service providers)

Managing certain client sites

  • WPMU DEV – site management/tools (where used)
    https://wpmudev.com/privacy-policy/
  • ManageWP – site management (where used)
    https://managewp.com/managewp-and-gdpr-compliance/

SEO audits on client sites

  • Rank Math – SEO plugin + audits (where used)
    https://rankmath.com/privacy-policy/

8) AI-assisted tools used for support/admin (subprocessors, where used)

We may use AI tools to help with drafting replies, summarising threads, and internal triage (depending on workflow and context).

  • OpenAI
    https://openai.com/policies/data-processing-addendum/
  • Anthropic (Claude)
    https://privacy.claude.com/en/articles/7996862-how-do-i-view-and-sign-your-data-processing-addendum-dpa
  • Grammarly
    https://www.grammarly.com/privacy-policy

9) Authorities, regulators, and legal requirements (independent controllers)

We may disclose information to authorities only where we are legally required, or to comply with lawful requests and legal obligations.

  • HMRC (UK)
    https://www.gov.uk/government/publications/data-protection-act-dpa-information-hm-revenue-and-customs-hold-about-you/data-protection-act-dpa-information-hm-revenue-and-customs-hold-about-you
  • IRS (US)
    https://www.irs.gov/privacy-disclosure/irs-privacy-policy
  • Other government, tax, regulatory, or law enforcement bodies – strictly where required by law.

Questions

If you want to know which providers are currently used for a specific service you have with us, email accounts@techgeneration.uk.