Authorized Sub-processors
An up-to-date list of third-party service providers (sub-processors) engaged by snowLEX Oy to deliver the snowLEX service, in accordance with our Privacy Policy and Data Processing Agreement.
Last updated: 2026-03-11
| Sub-processor | Purpose | Data Location | DPA / Safeguards |
|---|---|---|---|
| Google Cloud Platform (GCP) | Cloud infrastructure, hosting, database, and file storage | EU (Finland / europe-north1) | Google Cloud DPA, SCCs |
| Qdrant | Vector database for semantic search and document retrieval | EU (Finland / europe-north1) | Qdrant DPA, SCCs |
| PostgreSQL (Cloud SQL) | Relational database for application data and user records | EU (Finland / europe-north1) | Google Cloud DPA, SCCs |
| Stripe | Payment processing and subscription management | EU / US | Stripe DPA, SCCs |
Self-hosted AI Infrastructure
Core AI inference runs entirely within our own dedicated GCP infrastructure using open-source models (Llama-Poro-2-8B-Instruct), ensuring your queries never leave our controlled environment. No data is sent to external LLM providers. Your conversations stay entirely within our infrastructure in Finland.
International Data Transfers
Your data is primarily hosted and processed within the European Economic Area (EEA), specifically in Finland. To the extent any operational data must be transferred outside the EEA, we ensure such transfers are protected under GDPR Chapter V mechanisms, utilizing the European Commission's Standard Contractual Clauses (SCCs) or relying on applicable Adequacy Decisions.
No Data Sales
We strictly do not sell, rent, monetize, or trade your personal data. Data is only shared with carefully vetted sub-processors strictly necessary for operating our infrastructure.
Changes to This List
We will update this page when sub-processors are added or removed. Material changes will be communicated via email to active users in accordance with our DPA obligations.
Questions about our data processing?
If you have questions about our sub-processors or data processing practices, please reach out to our Data Protection Officer.
Contact DPO