Subprocessors
Last updated: 11 March 2026
CraftCert is a product of Crocker Digital Ltd (Company No. 17008789). The following third-party services process data on our behalf to provide the CraftCert service.
| Service | Purpose | Data processed | Location |
|---|---|---|---|
| Supabase | Authentication, database hosting, and file storage | Account data, product data, formulations, labels, evidence records, session tokens | EU (AWS eu-west-1) |
| Stripe | Payment processing and subscription management | Billing details, payment card data, subscription status, customer ID | US/EU |
| Resend | Transactional email delivery | Email addresses, email content (account notifications) | US (EU region endpoint) |
| Netlify | Website hosting and deployment | HTTP request metadata (IP addresses, user agents) via server logs | US/EU |
| GoatCounter | Privacy-focused website analytics | Aggregate page view data only — no personal data, no cookies | EU |
| Sentry | Error monitoring and performance tracking | Error stack traces, browser metadata, request IDs. No formulation or ingredient data. | US/EU |
| Upstash | Rate limiting and abuse prevention | IP addresses and user IDs (temporarily, for rate limit windows) | EU |
Changes to this list
We will update this page when we add or remove subprocessors. Material changes will be communicated to account holders by email.
Contact
Questions about our subprocessors? Contact support@craftcert.co.uk.